Woltlab : Security Vulnerabilities, CVEs, Published In 2006 (XSS)
Cross-site scripting (XSS) vulnerability in attachment.php in WoltLab Burning Board (WBB) 2.3.5 allows remote attackers to inject arbitrary web script or HTML via a GIF image that contains URL-encoded Javascript.
Max CVSS
6.8
EPSS Score
2.31%
Published
2006-08-24
Updated
2018-10-17
Cross-site scripting (XSS) vulnerability in acp/lib/class_db_mysql.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter when a SQL error is generated.
Max CVSS
6.8
EPSS Score
1.59%
Published
2006-03-21
Updated
2017-07-20
Cross-site scripting (XSS) vulnerability in misc.php in Woltlab Burning Board (wBB) 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the percent parameter. NOTE: this issue has been disputed in a followup post, although the original disclosure might be related to reflected XSS.
Max CVSS
4.3
EPSS Score
0.27%
Published
2006-03-14
Updated
2017-07-20
Multiple cross-site scripting (XSS) vulnerabilities in Woltlab Burning Board (wBB) allow remote attackers to inject arbitrary web script or HTML via (1) the username parameter to galerie_index.php and possibly (2) galerie_onfly.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. The second vector might not be XSS.
Max CVSS
4.3
EPSS Score
0.12%
Published
2006-03-07
Updated
2008-09-05
Multiple cross-site scripting (XSS) vulnerabilities in the JGS-XA JGS-Gallery Addon 4.0.0 and earlier for Woltlab Burning Board (wBB) 2.x allow remote attackers to inject arbitrary web script or HTML via the (1) userid parameter in (a) jgs_galerie_slideshow.php and (b) jgs_galerie_scroll.php, and the (2) katid parameter in (c) jgs_galerie_slideshow.php.
Max CVSS
2.6
EPSS Score
0.72%
Published
2006-02-28
Updated
2018-10-18
5 vulnerabilities found