CVE-2006-2109

NONECVSS 0.0

0.0

Cross-site scripting (XSS) vulnerability in the parse_query_str function in include/print.php in JSBoard 2.0.10 and 2.0.11, and possibly other versions before 2.0.12, allows remote attackers to inject arbitrary web script or HTML via parameters that are set as global variables within the program, as demonstrated using the table parameter to login.php.

🔗 References (14)

cve@mitrehttp://secunia.com/advisories/19937
cve@mitrehttp://www.osvdb.org/25222
cve@mitrehttp://www.securityfocus.com/archive/1/432714/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/17778
cve@mitrehttp://www.vupen.com/english/advisories/2006/1636
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/26211
cve@mitrehttps://www.klink.name/security/aklink-sa-2006-001-jsboard-xss.txt
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19937
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/25222
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/432714/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/17778
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1636
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/26211
af854a3a-2127-422b-91ae-364da2661108https://www.klink.name/security/aklink-sa-2006-001-jsboard-xss.txt

Is Your Infrastructure Affected by CVE-2006-2109?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2006-2109

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2006-2109?