Vulnerabilities > CVE-2006-1133 - Cross-Site Scripting vulnerability in Vbzoom 1.11
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in vbzoom 1.11 allow remote attackers to inject arbitrary web script or HTML via the UserID parameter to (1) comment.php or (2) contact.php. NOTE: the profile.php/UserName vector is already covered by CVE-2005-2441.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description VBZooM Forum 1.11 contact.php UserID Parameter XSS. CVE-2006-1133. Webapps exploit for php platform id EDB-ID:27348 last seen 2016-02-03 modified 2006-03-04 published 2006-03-04 reporter Mr.SNAKE source https://www.exploit-db.com/download/27348/ title VBZooM Forum 1.11 contact.php UserID Parameter XSS description VBZooM Forum 1.11 comment.php UserID Parameter XSS. CVE-2006-1133. Webapps exploit for php platform id EDB-ID:27347 last seen 2016-02-03 modified 2006-03-04 published 2006-03-04 reporter Mr.SNAKE source https://www.exploit-db.com/download/27347/ title VBZooM Forum 1.11 comment.php UserID Parameter XSS