CVE

Id
18919  
CVE No.
CVE-2006-2815  
Status
Candidate  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Two Shoes M-Factory (TSMF) SimpleBoard 1.1.0 Stable (aka com_simpleboard), as used in Mambo and Joomla!, allow remote attackers to inject arbitrary web script or HTML via (1) the Name field in "post ne topic" in the Frontend, (2) the Title (aka Community-Title) field in Simpleboard Configuration in the Backend Admin Panel, and the (3) Name (aka Forum-Title) and (4) Name (aka Category-Title) fields in Simpleboard Administration in the Backend Admin Panel. NOTE: some sources have stated that the sb_authorname parameter is affected, but it is unclear which field is related to it.  
Phase
Assigned (20060605)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
167269 18919 CVE-2006-2815 BUGTRAQ:20060601 Joomla/Mambo CMS Component SimpleBoard 1.1 XSS-Vulnerabilities  View
167270 18919 CVE-2006-2815 URL:http://www.securityfocus.com/archive/1/archive/1/435615/100/0/threaded  View
167271 18919 CVE-2006-2815 FULLDISC:20060601 Joomla/Mambo CMS Component SimpleBoard 1.1 XSS-Vulnerabilities  View
167272 18919 CVE-2006-2815 URL:http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046484.html  View
167273 18919 CVE-2006-2815 BID:18251  View
167274 18919 CVE-2006-2815 URL:http://www.securityfocus.com/bid/18251  View
167275 18919 CVE-2006-2815 VUPEN:ADV-2006-2111  View
167276 18919 CVE-2006-2815 URL:http://www.vupen.com/english/advisories/2006/2111  View
167277 18919 CVE-2006-2815 SECUNIA:20409  View
167278 18919 CVE-2006-2815 URL:http://secunia.com/advisories/20409  View
167279 18919 CVE-2006-2815 SREASON:1030  View
167280 18919 CVE-2006-2815 URL:http://securityreason.com/securityalert/1030  View
167281 18919 CVE-2006-2815 XF:simpleboard-multiple-xss(27021)  View

Related JVN