Unrated severityNVD Advisory· Published Jan 6, 2006· Updated Jun 16, 2026
CVE-2006-0102
CVE-2006-0102
Description
Cross-site scripting (XSS) vulnerability in TinyPHPForum (TPF) 3.6 and earlier allows remote attackers to inject arbitrary web script via a javascript: scheme in an "[a]" bbcode tag, possibly the txt parameter to action.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:ralph_capper:tinyphpforum:3.46:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:ralph_capper:tinyphpforum:3.46:*:*:*:*:*:*:*
- cpe:2.3:a:ralph_capper:tinyphpforum:3.47:*:*:*:*:*:*:*
- cpe:2.3:a:ralph_capper:tinyphpforum:3.48:*:*:*:*:*:*:*
- cpe:2.3:a:ralph_capper:tinyphpforum:3.49:*:*:*:*:*:*:*
- cpe:2.3:a:ralph_capper:tinyphpforum:3.499:*:*:*:*:*:*:*
- cpe:2.3:a:ralph_capper:tinyphpforum:3.5:*:*:*:*:*:*:*
- cpe:2.3:a:ralph_capper:tinyphpforum:3.6:*:*:*:*:*:*:*
- (no CPE)range: <=3.6
Patches
Vulnerability mechanics
References
7- securitytracker.com/idnvdExploit
- evuln.com/vulns/14/summary.htmlnvdVendor Advisory
- secunia.com/advisories/18293nvdVendor Advisory
- securityreason.com/securityalert/320nvd
- www.osvdb.org/22256nvd
- www.securityfocus.com/archive/1/420933/100/0/threadednvd
- www.vupen.com/english/advisories/2006/0054nvd
News mentions
0No linked articles in our index yet.