Published: 07/03/2006 Updated: 05/09/2008

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 440

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Woltlab Burning Board (wBB) allow remote malicious users to inject arbitrary web script or HTML via (1) the username parameter to galerie_index.php and possibly (2) galerie_onfly.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. The second vector might not be XSS.

Vulnerable Product	Search on Vulmon	Subscribe to Product
woltlab burning board 1.1.1
woltlab burning board 2.0_beta_4
woltlab burning board 2.3.1
woltlab burning board 2.4
woltlab burning board 2.6
woltlab burning board 2.0_beta_3
woltlab burning board 2.3.3
woltlab burning board 2.5
woltlab burning board 2.0_beta_5
woltlab burning board 2.0_rc1
woltlab burning board 2.0_rc2
woltlab burning board 2.2.2
woltlab burning board 2.7

source: wwwsecurityfocuscom/bid/16843/info Woltlab Burning Board is prone to multiple cross-site scripting vulnerabilities These issues are due to a lack of proper sanitization of user-supplied input An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of ...

source: wwwsecurityfocuscom/bid/16843/info Woltlab Burning Board is prone to multiple cross-site scripting vulnerabilities These issues are due to a lack of proper sanitization of user-supplied input An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of th ...

NVD-CWE-Other http://www.securityfocus.com/bid/16843 https://nvd.nist.gov https://www.exploit-db.com/exploits/27323/

CVE-2006-1034

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect