Anfälligkeitssuche        Suche in 191973 CVE Beschreibungen
und 86218 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

CVE Kennung:CVE-2006-1040
Beschreibung:Cross-site scripting (XSS) vulnerability in vBulletin 3.0.12 and 3.5.3 allows remote attackers to inject arbitrary web script or HTML via the email field, which is injected in profile.php but not sanitized in sendmsg.php.
Test Kennungen: 1.3.6.1.4.1.25623.1.0.56883  
Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2006-1040
BugTraq ID: 16919
http://www.securityfocus.com/bid/16919
Bugtraq: 20060301 [KAPDA::#26]vBulletin.3.5.3~3.0.12-XSS (Google Search)
http://www.securityfocus.com/archive/1/426537/100/0/threaded
Bugtraq: 20060302 vBulletin3.0.12&3.5.3~is_valid_email()~XSS Attack (Google Search)
http://www.securityfocus.com/archive/1/426589/100/0/threaded
http://www.kapda.ir/advisory-266.html
http://www.osvdb.org/23614
http://secunia.com/advisories/19100
http://www.vupen.com/english/advisories/2006/0808




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.