Vulnerabilities > CVE-2006-2143 - Tag Script Injection vulnerability in Jcink Textfilebb 1.0.16
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in TextFileBB 1.0.16 allow remote attackers to inject arbitrary web script or HTML via Javascript events such as "onmouseover" in the (1) color, (2) size, or (3) url bbcode tags.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | TextFileBB 1.0.16 Multiple Tag Script Injection Vulnerabilities. CVE-2006-2143. Webapps exploit for php platform |
| id | EDB-ID:27782 |
| last seen | 2016-02-03 |
| modified | 2006-04-29 |
| published | 2006-04-29 |
| reporter | r0xes |
| source | https://www.exploit-db.com/download/27782/ |
| title | TextFileBB 1.0.16 - Multiple Tag Script Injection Vulnerabilities |
References
- http://secunia.com/advisories/19883
- http://securityreason.com/securityalert/828
- http://securitytracker.com/id?1016013
- http://www.osvdb.org/25123
- http://www.securityfocus.com/archive/1/432461/100/0/threaded
- http://www.securityfocus.com/bid/17750
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26129