Unrated severityNVD Advisory· Published Mar 14, 2006· Updated Apr 16, 2026

CVE-2006-1222

Description

Multiple cross-site scripting (XSS) vulnerabilities in zeroboard 4.1 pl7 allows allow remote attackers to inject arbitrary web script or HTML via the (1) memo box title, (2) user email, and (3) homepage fields.

Affected products

Zeroboard/Zeroboard6 versions
cpe:2.3:a:zeroboard:zeroboard:4.1_pl2:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:zeroboard:zeroboard:4.1_pl2:*:*:*:*:*:*:*
- cpe:2.3:a:zeroboard:zeroboard:4.1_pl3:*:*:*:*:*:*:*
- cpe:2.3:a:zeroboard:zeroboard:4.1_pl4:*:*:*:*:*:*:*
- cpe:2.3:a:zeroboard:zeroboard:4.1_pl5:*:*:*:*:*:*:*
- cpe:2.3:a:zeroboard:zeroboard:4.1_pl6:*:*:*:*:*:*:*
- cpe:2.3:a:zeroboard:zeroboard:4.1_pl7:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/19214nvdPatchVendor Advisory
www.securityfocus.com/bid/17075nvdPatch
lists.grok.org.uk/pipermail/full-disclosure/2006-March/042872.htmlnvdExploitPatchVendor Advisory
www.inetcop.org/upfiles/33INCSA.2006-0x82-029-zeroboard.pdfnvdVendor Advisory
www.nzeo.com/bbs/zboard.phpnvd
www.osvdb.org/23847nvd
www.securityfocus.com/archive/1/427466/100/0/threadednvd
www.vupen.com/english/advisories/2006/0944nvd
exchange.xforce.ibmcloud.com/vulnerabilities/25212nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000