Published: 20/05/2006 Updated: 18/10/2018

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

VMScore: 590

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in AspBB 0.5.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) action parameter to default.asp or (2) get parameter to profile.asp.

Vulnerable Product	Search on Vulmon	Subscribe to Product
aspbb aspbb 0.5.2

source: wwwsecurityfocuscom/bid/18025/info ASPBB is prone to multiple cross-site scripting vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of th ...

source: wwwsecurityfocuscom/bid/18025/info ASPBB is prone to multiple cross-site scripting vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of ...

NVD-CWE-Other http://www.securityfocus.com/bid/18025 http://secunia.com/advisories/20175 http://www.osvdb.org/25650 http://www.osvdb.org/25651 http://securityreason.com/securityalert/926 https://exchange.xforce.ibmcloud.com/vulnerabilities/26530 http://www.securityfocus.com/archive/1/434370/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/27896/

CVE-2006-2497

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect