5.1

CVE-2006-1716

Cross-site scripting (XSS) vulnerability in inc/functions_post.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers to inject arbitrary web script or HTML via a JavaScript event in a BBCode img tag.  NOTE: the email vector is already covered by CVE-2006-1625, although it might stem from the same core issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.48% 0.706
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.1 4.9 6.4
AV:N/AC:H/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/19516
Vendor Advisory
http://www.osvdb.org/24375
https://exchange.xforce.ibmcloud.com/vulnerabilities/25615
http://kapda.ir/advisory-305.html
Vendor Advisory
http://myimei.com/security/2006-03-12/mybb-110functions_postphpxss-attack.html
http://www.securityfocus.com/archive/1/430344/100/0/threaded
http://www.securityfocus.com/bid/17413