Vulnerabilities > CVE-2006-0473 - Unspecified vulnerability in MY Little Homepage MY Little Weblog 20040420
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in the bbcode function in weblog.php in my little homepage my little weblog, as last modified in April 2004, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | My Little Homepage Products BBCode Link Tag Script Injection Vulnerability. CVE-2006-0473. Webapps exploit for php platform |
id | EDB-ID:27139 |
last seen | 2016-02-03 |
modified | 2006-01-26 |
published | 2006-01-26 |
reporter | Aliaksandr Hartsuyeu |
source | https://www.exploit-db.com/download/27139/ |
title | My Little Homepage Products BBCode Link Tag Script Injection Vulnerability |
References
- http://attrition.org/pipermail/vim/2006-January/000520.html
- http://evuln.com/vulns/51/
- http://evuln.com/vulns/51/summary.html
- http://secunia.com/advisories/18628
- http://securityreason.com/securityalert/378
- http://www.osvdb.org/22753
- http://www.securityfocus.com/archive/1/423167/100/0/threaded
- http://www.securityfocus.com/bid/16395
- http://www.vupen.com/english/advisories/2006/0349
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24310