NVD

Id
61186  
Name
CVE-2006-2491  
Description
Cross-site scripting (XSS) vulnerability in (1) index.php and (2) bmc/admin.php in BoastMachine (bMachine) 3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string, which is not properly filtered when it is accessed using the $_SERVER["PHP_SELF"] variable.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2016-12-20  
Published
2006-05-19  
Modified Date
2011-03-07  
Seq
2006-2491  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
316244 61186 CVE-2006-2491 725  View
316245 61186 CVE-2006-2491 927  View
316246 61186 CVE-2006-2491 20060517 Boastmachine Cross Site Scripting Vulnerability  View
316247 61186 CVE-2006-2491 18012  View
316248 61186 CVE-2006-2491 ADV-2006-1853  View
316249 61186 CVE-2006-2491 boastmachine-phpself-xss(26518)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
61733 JVNDB-2006-003999 BoastMachine におけるクロスサイトスクリプティングの脆弱性 BoastMachine (bMachine) には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2006-2491 18593 CVE-2006-2491 61186 6.8 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-003999.html 2006-05-19 2014-03-11 View