PT-2006-6456 · Funkboard · Funkboard

Published

2006-11-06

Updated

2017-07-20

CVE-2006-5775

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: FunkBoard version 0.71

Description: A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML, possibly via the name parameter in the "profile.php" file.

Recommendations: For FunkBoard version 0.71, update to a version released after 4 November 2006 at 18:16 GMT to resolve the issue. As a temporary workaround, consider restricting access to the profile.php file or sanitizing input for the name parameter to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5775

Affected Products

Funkboard

PT-2006-6456 · Funkboard · Funkboard

CVE-2006-5775

Related Identifiers

Affected Products

References · 6