CVE-2006-1097

Published: Mar 9, 2006Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in Datenbank MOD 2.7 and earlier for Woltlab Burning Board allow remote attackers to inject arbitrary web script or HTML via the fileid parameter to (1) info_db.php or (2) database.php.

Affected (1)

Products: Datenbank Module: Datenbank Module

Datenbank Module

1 product

Datenbank Module

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Datenbank Module Datenbank Module	Version mod_2.7

References (12)

http://archives.neohapsis.com/archives/fulldisclosure/2006-03/0033.html

Source: cve@mitre.org

http://www.nukedx.com/?viewdoc=17

Source: cve@mitre.org

ExploitVendor Advisory

http://www.osvdb.org/23809

Source: cve@mitre.org

http://www.osvdb.org/23811

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/426583

Source: cve@mitre.org

ExploitVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/25004

Source: cve@mitre.org

http://archives.neohapsis.com/archives/fulldisclosure/2006-03/0033.html