CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-4157

Cross-site scripting (XSS) vulnerability in index.php in Yet another Bulletin Board (YaBB) allows remote attackers to inject arbitrary web script or HTML via the categories parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.8%

CVSS Severity

CVSS v2 Score 6.8

References

http://securitytracker.com/id?1016684
http://www.securityfocus.com/archive/1/442817/100/0/threaded
http://www.securityfocus.com/bid/19460
https://exchange.xforce.ibmcloud.com/vulnerabilities/28324
http://securitytracker.com/id?1016684
http://www.securityfocus.com/archive/1/442817/100/0/threaded
http://www.securityfocus.com/bid/19460
https://exchange.xforce.ibmcloud.com/vulnerabilities/28324

Products affected by CVE-2006-4157

Yabb » Yabb » Version: 1.5.1

cpe:2.3:a:yabb:yabb:1.5.1
Yabb » Yabb » Version: 1.5.2

cpe:2.3:a:yabb:yabb:1.5.2
Yabb » Yabb » Version: 1.5.4

cpe:2.3:a:yabb:yabb:1.5.4
Yabb » Yabb » Version: 1.5.5

cpe:2.3:a:yabb:yabb:1.5.5
Yabb » Yabb » Version: 1.5.5b

cpe:2.3:a:yabb:yabb:1.5.5b

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-4157

Products

Pricing

Contact Us