CVE-2006-1272 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in member.php in MyBulletin Board (MyBB) 1.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) aim (2) yahoo (3) msn or (4) website field.

Reference

http://community.mybboard.net/showthread.php?tid=7368 http://kapda.ir/advisory-297.html http://www.osvdb.org/23935 http://www.securityfocus.com/archive/1/427746/100/0/threaded http://www.securityfocus.com/bid/17097 https://exchange.xforce.ibmcloud.com/vulnerabilities/25263