Lucene search

MitreCVE-2006-0661

HistoryFeb 13, 2006 - 11:06 a.m.

CVE-2006-0661

2006-02-1311:06:00

mitre

web.nvd.nist.gov

cve-2006-0661

xss

scriptme

sme gb host

sme blog host

remote attackers

web script

html

bbcode

url tag

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.008

Percentile

82.1%

JSON

Cross-site scripting (XSS) vulnerability in Scriptme SmE GB Host 1.21 and SmE Blog Host allows remote attackers to inject arbitrary web script or HTML via the BBcode url tag.

Affected configurations

Nvd

Node

scriptmesme_blog_host

scriptmesme_gb_hostMatch1.21

VendorProductVersionCPE
scriptmesme_blog_host*cpe:2.3:a:scriptme:sme_blog_host:*:*:*:*:*:*:*:*
scriptmesme_gb_host1.21cpe:2.3:a:scriptme:sme_gb_host:1.21:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
scriptme	sme_blog_host	*	cpe:2.3:a:scriptme:sme_blog_host::::::::
scriptme	sme_gb_host	1.21	cpe:2.3:a:scriptme:sme_gb_host:1.21:::::::*

References

evuln.com/vulns/65/summary.html

secunia.com/advisories/18786

securityreason.com/securityalert/447

www.securityfocus.com/bid/16585

www.vupen.com/english/advisories/2006/0504

exchange.xforce.ibmcloud.com/vulnerabilities/24543

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.008

Percentile

82.1%

JSON

Related for CVE-2006-0661