NVD

Id
62494  
Name
CVE-2006-3826  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user_login, (2) full_name, and (3) URL parameters in register.php; and allow remote authenticated administrators to inject arbitrary web script or HTML via the (4) cat_list and (5) key parameters in a certain portion of the admin interface.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2016-12-20  
Published
2006-07-25  
Modified Date
2011-03-07  
Seq
2006-3826  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
324654 62494 CVE-2006-3826 1252  View
324655 62494 CVE-2006-3826 1016515  View
324656 62494 CVE-2006-3826 http://www.acid-root.new.fr/advisories/boastmachine.txt  View
324657 62494 CVE-2006-3826 20060717 boastMachine <= 3.1 SQL Injection Exploit  View
324658 62494 CVE-2006-3826 ADV-2006-2849  View
324659 62494 CVE-2006-3826 boastmachine-register-xss(27771)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
60628 JVNDB-2006-002894 Kailash Nadh boastMachine におけるクロスサイトスクリプティングの脆弱性 Kailash Nadh boastMachine (前 bMachine) には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2006-3826 19928 CVE-2006-3826 62494 4.3 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-002894.html 2006-07-25 2012-12-20 View