CVE Vulnerabilities

CVE-2006-3953

Published: Aug 01, 2006 | Modified: Oct 17, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Cross-site scripting (XSS) vulnerability in usercp.php in MyBB (aka MyBulletinBoard) 1.x allows remote attackers to inject arbitrary web script or HTML via the gallery parameter.

Affected Software

Name Vendor Start Version End Version
Mybulletinboard Mybulletinboard 1.10 1.10
Mybulletinboard Mybulletinboard 1.14 1.14
Mybulletinboard Mybulletinboard 1.0_final 1.0_final
Mybulletinboard Mybulletinboard 1.1.1 1.1.1
Mybulletinboard Mybulletinboard 1.0_rc4 1.0_rc4
Mybulletinboard Mybulletinboard 1.00_rc4 1.00_rc4
Mybulletinboard Mybulletinboard 1.00_rc3 1.00_rc3
Mybulletinboard Mybulletinboard 1.1.3 1.1.3
Mybulletinboard Mybulletinboard 1.20 1.20
Mybulletinboard Mybulletinboard 1.0.3 1.0.3
Mybulletinboard Mybulletinboard 1.00_rc4_security_patch 1.00_rc4_security_patch
Mybulletinboard Mybulletinboard 1.04 1.04
Mybulletinboard Mybulletinboard 1.01 1.01
Mybulletinboard Mybulletinboard 1.00_rc1 1.00_rc1
Mybulletinboard Mybulletinboard 1.1.5 1.1.5
Mybulletinboard Mybulletinboard 1.0_pr2 1.0_pr2
Mybulletinboard Mybulletinboard 1.00_rc2 1.00_rc2
Mybulletinboard Mybulletinboard 1.1 1.1
Mybulletinboard Mybulletinboard 1.1.4 1.1.4
Mybulletinboard Mybulletinboard 1.0.1 1.0.1
Mybulletinboard Mybulletinboard 1.0.4 1.0.4
Mybulletinboard Mybulletinboard 1.1.2 1.1.2
Mybulletinboard Mybulletinboard 1.0.2 1.0.2
Mybulletinboard Mybulletinboard 1.0_rc2 1.0_rc2
Mybulletinboard Mybulletinboard 1.1.7 1.1.7
Mybulletinboard Mybulletinboard 1.0_preview_release_2 1.0_preview_release_2

References