QwikSec

Security Database

CVE

CWE

Training

CVE-2006-6421

Published: Dec 10, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in the private message box implementation (privmsg.php) in phpBB 2.0.x allows remote authenticated users to inject arbitrary web script or HTML via the "Message body" field in a message to a non-existent user.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

phpbb-privmsgphp-xss(30776)

vdb-entry

x_refsource_XF

20070111 phpBB (privmsg.php) XSS Exploit

mailing-list

x_refsource_BUGTRAQ

http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=489624

x_refsource_CONFIRM

20070111 Re: phpBB (privmsg.php) XSS Exploit

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_BID

20070112 Re: phpBB (privmsg.php) XSS Exploit

mailing-list

x_refsource_BUGTRAQ

20061207 phpbb 2.0.x [xss]

mailing-list

x_refsource_BUGTRAQ

third-party-advisory

x_refsource_SECUNIA

third-party-advisory

x_refsource_SREASON

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.