4.3

CVE-2006-1603

Cross-site scripting (XSS) vulnerability in profile.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via the cur_password parameter.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Phpbb GroupPhpbb Version2.0.19
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.33% 0.673
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://osvdb.org/ref/24/24353-phpbb.txt
http://secunia.com/advisories/19494
Vendor Advisory
http://www.osvdb.org/24353
http://www.securityfocus.com/bid/17355
http://www.vupen.com/english/advisories/2006/1191
https://exchange.xforce.ibmcloud.com/vulnerabilities/25599