CVE-2006-1841

2006-04-1916:00:00

mitre

www.cve.org

AI Score

5.8

Confidence

High

EPSS

0.007

Percentile

80.0%

JSON

Cross-site scripting (XSS) vulnerability in search.php in boastMachine (bMachine) 2.7, and possibly other versions before 2.9b, allows remote attackers to inject arbitrary web script or HTML via the key parameter, as used by the search field.

References

secunia.com/advisories/19711

www.securityfocus.com/archive/1/431120/100/0/threaded

www.securityfocus.com/bid/17550

www.vupen.com/english/advisories/2006/1375

exchange.xforce.ibmcloud.com/vulnerabilities/25914