NVD

Id
59145  
Name
CVE-2006-0407  
Description
Cross-site scripting (XSS) vulnerability in post.php in AZ Bulletin Board (AZbb) 1.1.00 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) nickname parameter and (2) an iframe tag in the topic parameter. NOTE: the original disclosure specified the name parameter, but a correction was later provided. NOTE: followup posts have both disputed and confirmed the original claim.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2016-12-20  
Published
2006-01-24  
Modified Date
2011-03-07  
Seq
2006-0407  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
304008 59145 CVE-2006-0407 http://kapda.ir/advisory-236.html  View
304009 59145 CVE-2006-0407 20060123 Azbb v1.1.00 Cross-Site Scripting  View
304010 59145 CVE-2006-0407 20060128 [CORRECTIONS AND ADDITIONS ]Azbb v1.1.00 Cross-Site Scripting  View
304011 59145 CVE-2006-0407 20060308 Re: [CORRECTIONS AND ADDITIONS ]Azbb v1.1.00 Cross-Site Scripting  View
304012 59145 CVE-2006-0407 20060308 Re: [CORRECTIONS AND ADDITIONS ]Azbb v1.1.00 Cross-Site Scripting  View
304013 59145 CVE-2006-0407 20060309 Re: Re: [CORRECTIONS AND ADDITIONS ]Azbb v1.1.00 Cross-Site Scripting  View
304014 59145 CVE-2006-0407 16351  View
304015 59145 CVE-2006-0407 ADV-2006-0298  View
304016 59145 CVE-2006-0407 azbulletinboard-post-xss(24274)  View

Related JVN