VYPR
Unrated severityNVD Advisory· Published Jan 6, 2006· Updated Jun 16, 2026

CVE-2006-0102

CVE-2006-0102

Description

Cross-site scripting (XSS) vulnerability in TinyPHPForum (TPF) 3.6 and earlier allows remote attackers to inject arbitrary web script via a javascript: scheme in an "[a]" bbcode tag, possibly the txt parameter to action.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • cpe:2.3:a:ralph_capper:tinyphpforum:3.46:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:ralph_capper:tinyphpforum:3.46:*:*:*:*:*:*:*
    • cpe:2.3:a:ralph_capper:tinyphpforum:3.47:*:*:*:*:*:*:*
    • cpe:2.3:a:ralph_capper:tinyphpforum:3.48:*:*:*:*:*:*:*
    • cpe:2.3:a:ralph_capper:tinyphpforum:3.49:*:*:*:*:*:*:*
    • cpe:2.3:a:ralph_capper:tinyphpforum:3.499:*:*:*:*:*:*:*
    • cpe:2.3:a:ralph_capper:tinyphpforum:3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ralph_capper:tinyphpforum:3.6:*:*:*:*:*:*:*
    • (no CPE)range: <=3.6

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.