Lucene search

MitreCVE-2006-0471

HistoryJan 31, 2006 - 11:03 a.m.

CVE-2006-0471

2006-01-3111:03:00

mitre

web.nvd.nist.gov

cve

2006

0471

cross-site scripting

xss

vulnerability

functions.php

bbcode

my little homepage

my little forum

remote attackers

javascript uri

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.016

Percentile

87.2%

JSON

Cross-site scripting (XSS) vulnerability in the bbcode function in functions.php in my little homepage my little forum, as last modified in June 2005, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.

Affected configurations

Nvd

Node

my_little_homepagemy_little_forumMatch2004-04-20

VendorProductVersionCPE
my_little_homepagemy_little_forum2004-04-20cpe:2.3:a:my_little_homepage:my_little_forum:2004-04-20:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
my_little_homepage	my_little_forum	2004-04-20	cpe:2.3:a:my_little_homepage:my_little_forum:2004-04-20:::::::*

References

attrition.org/pipermail/vim/2006-January/000520.html

evuln.com/vulns/51/

evuln.com/vulns/51/summary.html

secunia.com/advisories/18628

www.osvdb.org/22856

www.securityfocus.com/archive/1/423167/100/0/threaded

www.securityfocus.com/bid/16395

www.vupen.com/english/advisories/2006/0349

exchange.xforce.ibmcloud.com/vulnerabilities/24310

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.016

Percentile

87.2%

JSON

Related for CVE-2006-0471