CVE-2006-3308 | Vulnerability Database | Aqua Security

Unspecified vulnerability in the wpprop code for Project EROS bbsengine before 20060622-0315 has unknown impact and remote attack vectors via [img] tags, possibly cross-site scripting (XSS).

Affected Software

Name	Vendor	Start Version	End Version
Project_eros_bbsengine	Zoid_technologies	*	2006-06-21 (including)
Project_eros_bbsengine	Zoid_technologies	2006-02-23 (including)	2006-02-23 (including)
Project_eros_bbsengine	Zoid_technologies	2006-04-29 (including)	2006-04-29 (including)
Project_eros_bbsengine	Zoid_technologies	2006-05-01 (including)	2006-05-01 (including)
Project_eros_bbsengine	Zoid_technologies	2006-05-09 (including)	2006-05-09 (including)
Project_eros_bbsengine	Zoid_technologies	2006-05-10 (including)	2006-05-10 (including)
Project_eros_bbsengine	Zoid_technologies	2006-05-12 (including)	2006-05-12 (including)
Project_eros_bbsengine	Zoid_technologies	2006-05-19 (including)	2006-05-19 (including)
Project_eros_bbsengine	Zoid_technologies	2006-05-20 (including)	2006-05-20 (including)

References

http://secunia.com/advisories/20760
http://sourceforge.net/project/shownotes.php?release_id=427430\u0026group_id=86388
http://www.securityfocus.com/bid/18627
http://www.vupen.com/english/advisories/2006/2503
https://exchange.xforce.ibmcloud.com/vulnerabilities/27488

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-3308
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html