CVE-2006-2815

Name of the Vulnerable Software and Affected Versions Two Shoes M-Factory (TSMF) SimpleBoard version 1.1.0 Stable

Description The issue allows remote attackers to inject arbitrary web script or HTML via several fields, including the Name field in "post new topic" in the Frontend, the Title field in Simpleboard Configuration in the Backend Admin Panel, and the Name fields in Simpleboard Administration in the Backend Admin Panel.

Recommendations For version 1.1.0 Stable, consider restricting access to the affected fields, such as the Name field in the Frontend and Backend Admin Panel, to minimize the risk of exploitation. Avoid using the Title and Name fields in the Simpleboard Configuration and Administration until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.