Lucene search

[email protected]NVD:CVE-2006-1202

HistoryMar 14, 2006 - 1:06 a.m.

CVE-2006-1202

2006-03-1401:06:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.006

Percentile

77.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in textfileBB 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mess and (2) user parameters in messanger.php, possibly requiring a URL encoded value.

Affected configurations

Nvd

Node

jcink.comtextfilebbMatch1.0

VendorProductVersionCPE
jcink.comtextfilebb1.0cpe:2.3:a:jcink.com:textfilebb:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
jcink.com	textfilebb	1.0	cpe:2.3:a:jcink.com:textfilebb:1.0:::::::*

References

notlegal.ws/textfilebbmessanger.txt

secunia.com/advisories/19149

securitytracker.com/id?1015744

www.securityfocus.com/archive/1/427081/100/0/threaded

www.securityfocus.com/bid/17029

www.vupen.com/english/advisories/2006/0897

exchange.xforce.ibmcloud.com/vulnerabilities/25091

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.006

Percentile

77.8%

JSON

Related for NVD:CVE-2006-1202

cvelist1 prion1 exploitdb1 cve1