Vulnerabilities > CVE-2006-3308 - Input Validation vulnerability in Project Eros BBSEngine

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

zoid-technologies

critical

NVD

Published: 2006-06-29

Updated: 2017-07-20

Summary

Unspecified vulnerability in the wpprop code for Project EROS bbsengine before 20060622-0315 has unknown impact and remote attack vectors via [img] tags, possibly cross-site scripting (XSS).

Vulnerable Configurations

Part	Description	Count
Application	Zoid_Technologies Zoid Technologies Project Eros Bbsengine 2006-02-23 Zoid Technologies Project Eros Bbsengine 2006-04-29 Zoid Technologies Project Eros Bbsengine 2006-05-01 Zoid Technologies Project Eros Bbsengine 2006-05-09 Zoid Technologies Project Eros Bbsengine 2006-05-10 Zoid Technologies Project Eros Bbsengine 2006-05-12 Zoid Technologies Project Eros Bbsengine 2006-05-19 Zoid Technologies Project Eros Bbsengine 2006-05-20	8

Summary

Vulnerable Configurations

References