CVE-2006-0735

Published: Feb 16, 2006Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom HTML::BBCode 1.04 and earlier, as used in products such as My Blog before 1.65, allows remote attackers to inject arbitrary Javascript via a javascript URI in an (1) img or (2) url BBcode tag.

Affected (18)

Products: Fuzzymonkey: My Blog · M Blom: Html Bbcode

1 product

1 product

Configuration A

18 vulnerable

Vulnerable Software	Affected Versions
Fuzzymonkey My Blog	Version 1.0
Fuzzymonkey My Blog	Version 1.21
Fuzzymonkey My Blog	Version 1.22
Fuzzymonkey My Blog	Version 1.23
Fuzzymonkey My Blog	Version 1.2
Fuzzymonkey My Blog	Version 1.31
Fuzzymonkey My Blog	Version 1.3
Fuzzymonkey My Blog	Version 1.4
Fuzzymonkey My Blog	Version 1.51
Fuzzymonkey My Blog	Version 1.52
Fuzzymonkey My Blog	Version 1.5
Fuzzymonkey My Blog	Version 1.61
Fuzzymonkey My Blog	Version 1.62
Fuzzymonkey My Blog	Version 1.63
Fuzzymonkey My Blog	Version 1.64
Fuzzymonkey My Blog	Version 1.6
M Blom Html Bbcode	Version 1.03
M Blom Html Bbcode	Version 1.04

References (28)

http://evuln.com/vulns/79/summary.html

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://evuln.com/vulns/80/summary.html

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://fuzzymonkey.net/forum/viewtopic.php?t=856

Source: cve@mitre.org

Patch

http://menno.b10m.net/perl/HTML-BBCode/Changes

Source: cve@mitre.org

http://menno.b10m.net/perl/dists/HTML-BBCode-1.05.tar.gz

Source: cve@mitre.org

http://secunia.com/advisories/18905

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/18925

Source: cve@mitre.org

Vendor Advisory

http://www.evuln.com/vulns/80/summary.html

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://www.securityfocus.com/archive/1/425087/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/425113/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/16659

Source: cve@mitre.org

ExploitPatch

http://www.vupen.com/english/advisories/2006/0614

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/0642

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/24668

Source: cve@mitre.org

http://evuln.com/vulns/79/summary.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

http://evuln.com/vulns/80/summary.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

http://fuzzymonkey.net/forum/viewtopic.php?t=856

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://menno.b10m.net/perl/HTML-BBCode/Changes

Source: af854a3a-2127-422b-91ae-364da2661108

http://menno.b10m.net/perl/dists/HTML-BBCode-1.05.tar.gz

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/18905

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://secunia.com/advisories/18925

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.evuln.com/vulns/80/summary.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

http://www.securityfocus.com/archive/1/425087/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/425113/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/16659

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://www.vupen.com/english/advisories/2006/0614

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/0642

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/24668

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.