|
CVE Reference: CVE-2006-0442
|
|
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.
|
|
Original Page at CVE MITRE:
CVE-2006-0442
|
|
Description:
Multiple cross-site scripting (XSS) vulnerabilities in usercp.php in MyBulletinBoard (MyBB) 1.02 allow remote attackers to inject arbitrary web script or HTML via the (1) notepad parameter in a notepad action and (2) signature parameter in a editsig action. NOTE: These are different attack vectors, and probably a different vulnerability, than CVE-2006-0218 and CVE-2006-0219.
|
|
CVE Status:
Candidate
|
|
References:
ST
1015535
SAID
Secunia Advisory: SA18603
MISC
http://kapda.ir/advisory-241.html
BUGTRAQ
http://www.securityfocus.com/archive/1/archive/1/423128/100/0/threaded
BID
16361
|
|
|
Return to the previous page.
|
