Vulnerability Details CVE-2006-0958
Cross-site scripting (XSS) vulnerability in func.inc.php in ZoneO-Soft freeForum before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) subject parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.7%
CVSS Severity
CVSS v2 Score 4.3
References
- http://evuln.com/vulns/89/summary.html
- http://secunia.com/advisories/19020
- http://soft.zoneo.net/freeForum/changes.php
- http://www.securityfocus.com/archive/1/427321/100/0/threaded
- http://www.securityfocus.com/bid/16877
- http://www.vupen.com/english/advisories/2006/0759
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24925
- http://evuln.com/vulns/89/summary.html
- http://secunia.com/advisories/19020
- http://soft.zoneo.net/freeForum/changes.php
- http://www.securityfocus.com/archive/1/427321/100/0/threaded
- http://www.securityfocus.com/bid/16877
- http://www.vupen.com/english/advisories/2006/0759
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24925
Products affected by CVE-2006-0958
-
cpe:2.3:a:zoneo-soft:freeforum:1.0
-
cpe:2.3:a:zoneo-soft:freeforum:1.0.1
-
cpe:2.3:a:zoneo-soft:freeforum:1.1
-
cpe:2.3:a:zoneo-soft:freeforum:1.1.1
-
cpe:2.3:a:zoneo-soft:freeforum:1.1.2
-
cpe:2.3:a:zoneo-soft:freeforum:1.2