NVD

Id
59918  
Name
CVE-2006-1204  
Description
Multiple cross-site scripting (XSS) vulnerabilities in txtForum 1.0.4-dev and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) prev, (2) next, and (3) rand5 parameters in (a) index.php; the (4) r_username and (5) r_loc parameters in (b) new_topic.php; the (6) r_num, (7) r_family_name, (8) r_icq, (9) r_yahoo, (10) r_aim, (11) r_homepage, (12) r_interests, (13) r_about, (14) selected1, (15) selected0, (16) signature_selected1, (17) signature_selected0, (18) smile_selected1, (19) smile_selected0, (20) ubb_selected1, and (21) ubb_selected0 parameters in (c) profile.php; the (22) quote and (23) tid parameters in (d) reply.php; and the (24) tid, (25) sticked, and (26) mid parameters in (e) view_topic.php.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2016-12-20  
Published
2006-03-13  
Modified Date
2008-09-05  
Seq
2006-1204  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
308328 59918 CVE-2006-1204 http://www.seclab.tuwien.ac.at/advisories/TUVSA-0603-003.txt  View
308329 59918 CVE-2006-1204 20060309 txtForum: Multiple XSS Vulnerabilities  View
308330 59918 CVE-2006-1204 17054  View
308331 59918 CVE-2006-1204 txtforum-multiple-xss(25132)  View

Related JVN