CVE-2006-0473 - Cross-site scripting (XSS) vulnerability in the bbcode function in weblog.php in my little homepage

CVE-2006-0473

Summary

Cross-site scripting (XSS) vulnerability in the bbcode function in weblog.php in my little homepage my little weblog, as last modified in April 2004, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.

References

Vulnerable Configurations

cpe:2.3:a:my_little_homepage:my_little_weblog:2004-04-20:*:*:*:*:*:*:*
cpe:2.3:a:my_little_homepage:my_little_weblog:2004-04-20:*:*:*:*:*:*:*

CVSS

Base:	4.3 (as of 19-10-2018 - 15:45)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:N/I:P/A:N

refmap via4

bid	16395
bugtraq	20060126 [eVuln] "my little homepage" products [link] BBCode XSS Vulnerability
misc	http://evuln.com/vulns/51/ http://evuln.com/vulns/51/summary.html
osvdb	22753
secunia	18628
sreason	378
vim	20060130 My Little Homepage - source verify of different products
vupen	ADV-2006-0349
xf	mylittlehomepage-link-tag-xss(24310)

Last major update

19-10-2018 - 15:45

Published

31-01-2006 - 11:03

Last modified

19-10-2018 - 15:45