Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1717

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-1717
Last Modified 05 Sep 2008 05:02:38
Published 11 Apr 2006 07:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-1717

Summary

Cross-site scripting (XSS) vulnerability in newthread.php in MyBB (aka MyBulletinBoard) 1.10, when configured to permit new threads by unregistered users, allows remote attackers to inject arbitrary web script or HTML via the username.

Vulnerable Systems

Application

  • Mybulletinboard 1.10


References

BID - 17427

BUGTRAQ - 20060409 MyBB 1.10 'newthread.php' < CrossSiteScripting >

SECUNIA - 19516

XF - mybb-newthread-xss(25730)


Last Updated: 27 May 2016 10:42:10