Vulnerabilities > CVE-2006-2497 - Unspecified vulnerability in Aspbb 0.5.2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN aspbb
exploit available
Summary
Multiple cross-site scripting (XSS) vulnerabilities in AspBB 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter to default.asp or (2) get parameter to profile.asp.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description ASPBB 0.5.2 default.asp action Parameter XSS. CVE-2006-2497. Webapps exploit for asp platform id EDB-ID:27896 last seen 2016-02-03 modified 2006-05-18 published 2006-05-18 reporter TeufeL source https://www.exploit-db.com/download/27896/ title ASPBB 0.5.2 default.asp action Parameter XSS description ASPBB 0.5.2 profile.asp get Parameter XSS. CVE-2006-2497. Webapps exploit for asp platform id EDB-ID:27897 last seen 2016-02-03 modified 2006-05-18 published 2006-05-18 reporter TeufeL source https://www.exploit-db.com/download/27897/ title ASPBB 0.5.2 profile.asp get Parameter XSS
References
- http://secunia.com/advisories/20175
- http://secunia.com/advisories/20175
- http://securityreason.com/securityalert/926
- http://securityreason.com/securityalert/926
- http://www.osvdb.org/25650
- http://www.osvdb.org/25650
- http://www.osvdb.org/25651
- http://www.osvdb.org/25651
- http://www.securityfocus.com/archive/1/434370/100/0/threaded
- http://www.securityfocus.com/archive/1/434370/100/0/threaded
- http://www.securityfocus.com/bid/18025
- http://www.securityfocus.com/bid/18025
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26530
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26530