Published: 28/02/2006 Updated: 18/10/2018

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

VMScore: 270

Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in the JGS-XA JGS-Gallery Addon 4.0.0 and previous versions for Woltlab Burning Board (wBB) 2.x allow remote malicious users to inject arbitrary web script or HTML via the (1) userid parameter in (a) jgs_galerie_slideshow.php and (b) jgs_galerie_scroll.php, and the (2) katid parameter in (c) jgs_galerie_slideshow.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
woltlab burning board 2.1.5
woltlab burning board 2.2.1
woltlab burning board 2.0
woltlab burning board 2.0.3
woltlab burning board 2.2.2
woltlab burning board 2.2.3
jgs-xa jgs-gallery addon 4.0
woltlab burning board 2.3.0
woltlab burning board 2.3.1

source: wwwsecurityfocuscom/bid/16810/info JGS-Gallery is prone to multiple cross-site scripting vulnerabilities These issues are due to a lack of proper sanitization of user-supplied input An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected ...

source: wwwsecurityfocuscom/bid/16810/info JGS-Gallery is prone to multiple cross-site scripting vulnerabilities These issues are due to a lack of proper sanitization of user-supplied input An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affect ...

NVD-CWE-Other http://www.nukedx.com/?viewdoc=11 http://www.securityfocus.com/bid/16810 http://www.securityfocus.com/bid/16843 http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0615.html https://exchange.xforce.ibmcloud.com/vulnerabilities/24888 http://www.securityfocus.com/archive/1/425981/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/27306/

CVE-2006-0927

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect