CVE-2006-2070
Published 2006-04-27
Priority: P4 | 18 | medium | 4.3 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
EXPLOIT
EPSS: 2.06% (79.0th percentile)
Cross-site scripting (XSS) vulnerability in member.php in DevBB 1.0.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mybb | devbb | — | — |
CVSS provenance
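| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| vendor_redhat | — | 4.6 | MEDIUM | — |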
GHSA
GHSA-gwf4-jjfv-9gjx: Cross-site scripting (XSS) vulnerability in member
ghsa_unreviewed · 2022-05-01
CVE-2006-2070 [MEDIUM] GHSA-gwf4-jjfv-9gjx: Cross-site scripting (XSS) vulnerability in member
Red Hat
/kernel/security/CVE-2006-0742 test cause kernel-xen panic on ia64
vendor_redhat · 2007-09-11 · CVSS 4.6
CVE-2010-2070 [MEDIUM] /kernel/security/CVE-2006-0742 test cause kernel-xen panic on ia64
arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel 2.6.18, and possibly other kernel versions, when running on IA-64 architectures, allows local users to cause a denial of service and "turn on BE by modifying the user mask of the PSR," as demonstrated via exploitation of CVE-2006-0742.
No detection rules found.
No writeups or analysis indexed.
References
http://downloads.securityfocus.com/vulnerabilities/exploits/DevBB-1.0.0-xss.txt
http://secunia.com/advisories/19855
http://securityreason.com/securityalert/800
http://www.osvdb.org/24994
http://www.securityfocus.com/archive/1/432096/100/0/threaded
http://www.securityfocus.com/bid/17703
http://www.vupen.com/english/advisories/2006/1544
https://exchange.xforce.ibmcloud.com/vulnerabilities/26091