2 matches found
CVE-2006-2089
CVE-2006-2089: Multiple cross-site scripting (XSS) vulnerabilities in misc.php of MySmartBB 1.1.x allow remote attackers to inject arbitrary web script or HTML via the id and username parameters. The NVD entry lists a CVSS v2 base score of 4.3 (Medium) with Network attack vector, no confidentiali...
CVE-2006-2090
CVE-2006-2090 affects MySmartBB 1.1.x, specifically the misc.php component, where SQL injection is possible through the id and username parameters. The vulnerability allows remote attackers to execute arbitrary SQL commands, with a CVSSv2 base score of 7.5 (HIGH) and an attack vector of NETWORK, ...