nvd-json-data-feeds/CVE-2006/CVE-2006-10xx/CVE-2006-1089.json

{
  "id": "CVE-2006-1089",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2006-03-09T13:06:00.000",
  "lastModified": "2017-07-20T01:30:18.020",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in header.php in PunBB 1.2.10 allows remote attackers to inject arbitrary web script or HTML via the URL, which is not properly handled when the PHP_SELF variable is used to handle a pun_page tag."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.3
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "92F62C7C-EA7A-40B2-A8A0-5FEA69DF321B"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8827471A-6FCC-48A6-BBAA-6DC82EA42EB4"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.0_alpha:*:*:*:*:*:*:*",
              "matchCriteriaId": "C68B349F-F76D-49D2-95DA-C8670E32530A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.0_beta1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB336F6C-E81A-43C2-A252-36A192D9CADD"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.0_beta1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2C26FE-F2D3-4C1A-8D14-E4B818834703"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.0_beta2:*:*:*:*:*:*:*",
              "matchCriteriaId": "91EBBB6B-A4F7-45A3-8BAB-26CEBCD3156E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.0_beta3:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C4E00F-E370-4DD1-B760-8AA0CEC4E536"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.0_rc1:*:*:*:*:*:*:*",
              "matchCriteriaId": "00082231-3168-4FCC-807B-8AD3DBBFCE92"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.0_rc2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77FF770-BEB4-4320-AA45-399A5CC6540A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E04494D1-FE7F-431C-8242-A0591A5D0A6A"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A97DA335-4815-4608-84D5-67F4E539D8F0"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9481F02E-2523-4599-A39D-3ACE518CEC35"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "01C976DD-47E4-48CA-AF99-93D0653D31F0"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1AAB3BF-EBFA-4F55-A3D4-0B26F749D91E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7277A122-5963-4E7F-BA1A-62B19AF804EB"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEF85286-A1F8-4797-99F0-4F42B6D859CF"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "05BCF8A0-5530-4B36-8CEA-5330307C74CC"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8EDF1AE-B415-4B5B-80CD-0B96AFA21D81"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDBA41AF-C817-476A-8ED1-57808D0B678C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C353C194-328F-4C4C-9773-F06A0FA3978C"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFE58D68-FC34-4F70-849A-2E6CC919230D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5713E747-5529-4A64-95B4-D9678D8E88B3"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C920E92-B2AE-416D-9669-9A4FBFE0AE8D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DFD4225-32F9-4D62-87C5-9632A1C03326"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.2.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A75787B-6156-4710-9B24-48C5763E7771"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:punbb:punbb:1.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "20A9473E-DE15-4BE2-839D-90B55F8713EB"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.punbb.org/changelogs/1.2.10_to_1.2.11.txt",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.punbb.org/download/patch/punbb-1.2.10_to_1.2.11.patch",
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "http://www.securityfocus.com/bid/16891",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.vupen.com/english/advisories/2006/0773",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24982",
      "source": "cve@mitre.org"
    }
  ]
}