← back
CVE-2006-1222

CVE-2006-1222

EPSS 1.8%
Multiple cross-site scripting (XSS) vulnerabilities in zeroboard 4.1 pl7 allows allow remote attackers to inject arbitrary web script or HTML via the (1) memo box title, (2) user email, and (3) homepage fields.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/042872.htmlhttp://secunia.com/advisories/19214https://exchange.xforce.ibmcloud.com/vulnerabilities/25212http://www.inetcop.org/upfiles/33INCSA.2006-0x82-029-zeroboard.pdfhttp://www.nzeo.com/bbs/zboard.php?id=cgi_bugreport2&no=5406http://www.osvdb.org/23847http://www.securityfocus.com/archive/1/427466/100/0/threadedhttp://www.securityfocus.com/bid/17075http://www.vupen.com/english/advisories/2006/0944