CVE-2006-3795

{"id": "CVE-2006-3795", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2006-07-24T12:19:00.000", "references": [{"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047989.html", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/21116", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/1254", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/440435/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/19052", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/2879", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27836", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27837", "source": "cve@mitre.org"}, {"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047989.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/21116", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/1254", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/440435/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/19052", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/2879", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27836", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27837", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in DeluxeBB before 1.08 allow remote attackers to inject arbitrary web script or HTML via the (1) membercookie cookie in header.php and the (2) redirect parameter in misc.php."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en DeluxeBB anterior a 1.08 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n mediante la cookie (1) membercookie en header.php y el par\u00e1metro (2) redirect en misc.php."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:deluxebb:deluxebb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AEFACE5-6714-4ACF-B8D9-6F8EF554C236", "versionEndIncluding": "1.07"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}