CyberSec.Space Logo
Back to CVE Browser

CVE-2006-0241

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0990%
EPSS Percentile27.74th
PublishedJan 18, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

Cross-site scripting vulnerability in WBNews 1.1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Name field.

Affected Platforms (CPE)

πŸ“¦
Webmobo

Wbnews

= 1.1.0

References & Advisories

πŸ”— http://secunia.com/advisories/18499
πŸ”— http://www.securityfocus.com/archive/1/422133/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/16277
πŸ”— http://www.vupen.com/english/advisories/2006/0237
πŸ”— http://secunia.com/advisories/18499
πŸ”— http://www.securityfocus.com/archive/1/422133/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/16277
πŸ”— http://www.vupen.com/english/advisories/2006/0237

Related Vulnerabilities

CVE-2009-49277.5

WB News 2.1.2 allows remote attackers to bypass authentication and gain administrative access via a modified WBNEWS cookie, as dem...

CVE-2006-067210.0

Unspecified vulnerability in HP PSC 1210 All-in-One Drivers before 1.0.06 has unknown impact and attack vectors.

CVE-2006-068510.0

The check_login function in login.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not exit when authenticati...

CVE-2006-068610.0

add_user.php in Virtual Hosting Control System (VHCS) 2.4.7.1 and earlier does not check user privileges when adding a new adminis...