CVE-2006-6779

Published: Dec 28, 2006Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin allows remote attackers to inject arbitrary web script or HTML via an SWF file that uses ActionScript to trigger execution of JavaScript.

Affected (8)

Products: Jelsoft: Vbulletin

1 product

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Jelsoft Vbulletin	Version 3.5.1
Jelsoft Vbulletin	Version 3.5.2
Jelsoft Vbulletin	Version 3.5.4
Jelsoft Vbulletin	Version 3.6.0
Jelsoft Vbulletin	Version 3.6.1
Jelsoft Vbulletin	Version 3.6.2
Jelsoft Vbulletin	Version 3.6.3
Jelsoft Vbulletin	Version 3.6.4

References (12)

http://securityreason.com/securityalert/2084

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/455265/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/455351/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/455414/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/21736

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/31119

Source: cve@mitre.org

http://securityreason.com/securityalert/2084

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/455265/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/455351/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/455414/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/21736

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/31119

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.