CVE-2006-0155
published 2006-01-10CVE-2006-0155: Cross-site scripting (XSS) vulnerability in posts.php in 427BB 2.2 and 2.2.1 allows remote attackers to inject arbitrary Javascript via a new message with a…
PriorityP414medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.38%
68.8th percentile
Cross-site scripting (XSS) vulnerability in posts.php in 427BB 2.2 and 2.2.1 allows remote attackers to inject arbitrary Javascript via a new message with a url bbcode tag containing a javascript URI.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| 427bb | fourtwosevenbb | — | — |
| 427bb | fourtwosevenbb | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_redhat4.6MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jp89-5qr2-95pm: Cross-site scripting (XSS) vulnerability in posts
ghsa_unreviewed·2022-05-01
CVE-2006-0155 [MEDIUM] GHSA-jp89-5qr2-95pm: Cross-site scripting (XSS) vulnerability in posts
Cross-site scripting (XSS) vulnerability in posts.php in 427BB 2.2 and 2.2.1 allows remote attackers to inject arbitrary Javascript via a new message with a url bbcode tag containing a javascript URI.
Red Hat
security flaw
vendor_redhat·2006-08-10·CVSS 4.6
CVE-2006-3813 [MEDIUM] security flaw
security flaw
A regression error in the Perl package for Red Hat Enterprise Linux 4 omits the patch for CVE-2005-0155, which allows local users to overwrite arbitrary files with debugging information.
No detection rules found.
No public exploits indexed.
http://evuln.com/vulns/18/summary.htmlhttp://secunia.com/advisories/18354http://www.osvdb.org/22276http://www.securityfocus.com/archive/1/421326/100/0/threadedhttp://www.vupen.com/english/advisories/2006/0091https://exchange.xforce.ibmcloud.com/vulnerabilities/24040http://evuln.com/vulns/18/summary.htmlhttp://secunia.com/advisories/18354http://www.osvdb.org/22276http://www.securityfocus.com/archive/1/421326/100/0/threadedhttp://www.vupen.com/english/advisories/2006/0091https://exchange.xforce.ibmcloud.com/vulnerabilities/24040
2006-01-10
Published