Search criteria
3 vulnerabilities found for bbs_thread by thingslabo
CVE-2011-0455 (GCVE-0-2011-0455)
Vulnerability from nvd – Published: 2011-03-03 00:00 – Updated: 2024-08-06 21:51
VLAI
Summary
Cross-site scripting (XSS) vulnerability in Things BBS before 2.0.3 and BBS Thread before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/43524 | third-party-advisoryx_refsource_SECUNIA |
| http://www.thingslabo.com/cgi/bbs_thread/download.html | x_refsource_CONFIRM |
| http://jvndb.jvn.jp/jvndb/JVNDB-2011-000015 | third-party-advisoryx_refsource_JVNDB |
| http://jvn.jp/en/jp/JVN20982938/index.html | third-party-advisoryx_refsource_JVN |
| http://www.securityfocus.com/bid/46638 | vdb-entryx_refsource_BID |
| http://www.thingslabo.com/cgi/bbs/download.html | x_refsource_CONFIRM |
Date Public
2011-02-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:09.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "bbs-bbsthread-unspecified-xss(65852)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65852"
},
{
"name": "43524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43524"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.thingslabo.com/cgi/bbs_thread/download.html"
},
{
"name": "JVNDB-2011-000015",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000015"
},
{
"name": "JVN#20982938",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN20982938/index.html"
},
{
"name": "46638",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46638"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.thingslabo.com/cgi/bbs/download.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Things BBS before 2.0.3 and BBS Thread before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "bbs-bbsthread-unspecified-xss(65852)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65852"
},
{
"name": "43524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43524"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.thingslabo.com/cgi/bbs_thread/download.html"
},
{
"name": "JVNDB-2011-000015",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000015"
},
{
"name": "JVN#20982938",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN20982938/index.html"
},
{
"name": "46638",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46638"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.thingslabo.com/cgi/bbs/download.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2011-0455",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Things BBS before 2.0.3 and BBS Thread before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "bbs-bbsthread-unspecified-xss(65852)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65852"
},
{
"name": "43524",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43524"
},
{
"name": "http://www.thingslabo.com/cgi/bbs_thread/download.html",
"refsource": "CONFIRM",
"url": "http://www.thingslabo.com/cgi/bbs_thread/download.html"
},
{
"name": "JVNDB-2011-000015",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000015"
},
{
"name": "JVN#20982938",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN20982938/index.html"
},
{
"name": "46638",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46638"
},
{
"name": "http://www.thingslabo.com/cgi/bbs/download.html",
"refsource": "CONFIRM",
"url": "http://www.thingslabo.com/cgi/bbs/download.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2011-0455",
"datePublished": "2011-03-03T00:00:00.000Z",
"dateReserved": "2011-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:51:09.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2011-0455
Vulnerability from fkie_nvd - Published: 2011-03-03 01:00 - Updated: 2026-04-29 01:13
Severity
Summary
Cross-site scripting (XSS) vulnerability in Things BBS before 2.0.3 and BBS Thread before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| thingslabo | things_bbs | * | |
| thingslabo | things_bbs | 1.0.4 | |
| thingslabo | things_bbs | 1.1.0 | |
| thingslabo | things_bbs | 2.0.0 | |
| thingslabo | things_bbs | 2.0.1 | |
| thingslabo | bbs_thread | * | |
| thingslabo | bbs_thread | 1.0.0 | |
| thingslabo | bbs_thread | 2.0.0 | |
| thingslabo | bbs_thread | 2.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:thingslabo:things_bbs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94AFD83D-5317-4E18-B439-474EE60C81E3",
"versionEndIncluding": "2.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:thingslabo:things_bbs:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "622E72C6-AAFC-4749-93F0-A4445869636A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:thingslabo:things_bbs:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0AEB82FE-E318-4BD3-9C4E-F3E0479D2427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:thingslabo:things_bbs:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7B3A26E0-B6C1-4B5C-B84E-A19D79688EA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:thingslabo:things_bbs:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5C99159C-9758-476F-A053-BD6424D6E90A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:thingslabo:bbs_thread:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91DC6F3F-6098-4999-8CE6-B35FCE5D21F6",
"versionEndIncluding": "2.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:thingslabo:bbs_thread:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "178570D4-18B4-4DED-95EB-CA2978CC91ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:thingslabo:bbs_thread:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB248DE9-FFB9-4362-8D5D-55431CB1263A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:thingslabo:bbs_thread:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "872C1B73-85B6-4D37-B3D1-A0926CC2E1A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Things BBS before 2.0.3 and BBS Thread before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Things BBS en versiones anteriores a 2.0.3 y BBS Thread anteriores a 2.0.3. Permite a atacantes remotos inyectar codigo de script web o c\u00f3digo HTML de su elecci\u00f3n a trav\u00e9s de vectores sin especificar."
}
],
"id": "CVE-2011-0455",
"lastModified": "2026-04-29T01:13:23.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-03-03T01:00:00.833",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN20982938/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000015"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43524"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securityfocus.com/bid/46638"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch"
],
"url": "http://www.thingslabo.com/cgi/bbs/download.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch"
],
"url": "http://www.thingslabo.com/cgi/bbs_thread/download.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN20982938/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/43524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46638"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.thingslabo.com/cgi/bbs/download.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.thingslabo.com/cgi/bbs_thread/download.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65852"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2011-0455 (GCVE-0-2011-0455)
Vulnerability from cvelistv5 – Published: 2011-03-03 00:00 – Updated: 2024-08-06 21:51
VLAI
Summary
Cross-site scripting (XSS) vulnerability in Things BBS before 2.0.3 and BBS Thread before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://secunia.com/advisories/43524 | third-party-advisoryx_refsource_SECUNIA |
| http://www.thingslabo.com/cgi/bbs_thread/download.html | x_refsource_CONFIRM |
| http://jvndb.jvn.jp/jvndb/JVNDB-2011-000015 | third-party-advisoryx_refsource_JVNDB |
| http://jvn.jp/en/jp/JVN20982938/index.html | third-party-advisoryx_refsource_JVN |
| http://www.securityfocus.com/bid/46638 | vdb-entryx_refsource_BID |
| http://www.thingslabo.com/cgi/bbs/download.html | x_refsource_CONFIRM |
Date Public
2011-02-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:09.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "bbs-bbsthread-unspecified-xss(65852)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65852"
},
{
"name": "43524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43524"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.thingslabo.com/cgi/bbs_thread/download.html"
},
{
"name": "JVNDB-2011-000015",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000015"
},
{
"name": "JVN#20982938",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN20982938/index.html"
},
{
"name": "46638",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46638"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.thingslabo.com/cgi/bbs/download.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Things BBS before 2.0.3 and BBS Thread before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "bbs-bbsthread-unspecified-xss(65852)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65852"
},
{
"name": "43524",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43524"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.thingslabo.com/cgi/bbs_thread/download.html"
},
{
"name": "JVNDB-2011-000015",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000015"
},
{
"name": "JVN#20982938",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN20982938/index.html"
},
{
"name": "46638",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46638"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.thingslabo.com/cgi/bbs/download.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2011-0455",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Things BBS before 2.0.3 and BBS Thread before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "bbs-bbsthread-unspecified-xss(65852)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65852"
},
{
"name": "43524",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43524"
},
{
"name": "http://www.thingslabo.com/cgi/bbs_thread/download.html",
"refsource": "CONFIRM",
"url": "http://www.thingslabo.com/cgi/bbs_thread/download.html"
},
{
"name": "JVNDB-2011-000015",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000015"
},
{
"name": "JVN#20982938",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN20982938/index.html"
},
{
"name": "46638",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46638"
},
{
"name": "http://www.thingslabo.com/cgi/bbs/download.html",
"refsource": "CONFIRM",
"url": "http://www.thingslabo.com/cgi/bbs/download.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2011-0455",
"datePublished": "2011-03-03T00:00:00.000Z",
"dateReserved": "2011-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:51:09.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}