VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 16, 2006· Updated Apr 16, 2026

CVE-2006-0735

CVE-2006-0735

Description

Cross-site scripting (XSS) vulnerability in BBcode.pm in M. Blom HTML::BBCode 1.04 and earlier, as used in products such as My Blog before 1.65, allows remote attackers to inject arbitrary Javascript via a javascript URI in an (1) img or (2) url BBcode tag.

Affected products

18
  • Fuzzymonkey/My Blog16 versions
    cpe:2.3:a:fuzzymonkey:my_blog:1.0:*:*:*:*:*:*:*+ 15 more
    • cpe:2.3:a:fuzzymonkey:my_blog:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fuzzymonkey:my_blog:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fuzzymonkey:my_blog:1.21:*:*:*:*:*:*:*
    • cpe:2.3:a:fuzzymonkey:my_blog:1.22:*:*:*:*:*:*:*
    • cpe:2.3:a:fuzzymonkey:my_blog:1.23:*:*:*:*:*:*:*
    • cpe:2.3:a:fuzzymonkey:my_blog:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fuzzymonkey:my_blog:1.31:*:*:*:*:*:*:*
    • cpe:2.3:a:fuzzymonkey:my_blog:1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:fuzzymonkey:my_blog:1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:fuzzymonkey:my_blog:1.51:*:*:*:*:*:*:*
    • cpe:2.3:a:fuzzymonkey:my_blog:1.52:*:*:*:*:*:*:*
    • cpe:2.3:a:fuzzymonkey:my_blog:1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:fuzzymonkey:my_blog:1.61:*:*:*:*:*:*:*
    • cpe:2.3:a:fuzzymonkey:my_blog:1.62:*:*:*:*:*:*:*
    • cpe:2.3:a:fuzzymonkey:my_blog:1.63:*:*:*:*:*:*:*
    • cpe:2.3:a:fuzzymonkey:my_blog:1.64:*:*:*:*:*:*:*
  • M Blom/HTML Bbcode2 versions
    cpe:2.3:a:m_blom:html-bbcode:1.03:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:m_blom:html-bbcode:1.03:*:*:*:*:*:*:*
    • cpe:2.3:a:m_blom:html-bbcode:1.04:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

14

News mentions

0

No linked articles in our index yet.