CVE-2006-1717

Published: Apr 11, 2006Modified: Apr 16, 2026

5.1

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability: 4.9 / Impact: 6.4

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in newthread.php in MyBB (aka MyBulletinBoard) 1.10, when configured to permit new threads by unregistered users, allows remote attackers to inject arbitrary web script or HTML via the username.

Affected (1)

Products: Mybulletinboard: Mybulletinboard

Mybulletinboard

1 product

Mybulletinboard

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mybulletinboard Mybulletinboard	Version 1.10

References (8)

http://secunia.com/advisories/19516

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/430464/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/17427

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/25730

Source: cve@mitre.org

http://secunia.com/advisories/19516

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/archive/1/430464/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/17427

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/25730

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.