Unrated severityNVD Advisory· Published Aug 11, 2006· Updated Jun 16, 2026
CVE-2006-4080
CVE-2006-4080
Description
DeluxeBB 1.08, and possibly earlier, uses cookies that include the MD5 hash of a password, which allows remote attackers to gain privileges by sniffing or cross-site scripting (XSS) and conduct password guessing attacks.
Affected products
6cpe:2.3:a:deluxebb:deluxebb:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:deluxebb:deluxebb:*:*:*:*:*:*:*:*range: <=1.08
- cpe:2.3:a:deluxebb:deluxebb:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:deluxebb:deluxebb:1.05:*:*:*:*:*:*:*
- cpe:2.3:a:deluxebb:deluxebb:1.06:*:*:*:*:*:*:*
- cpe:2.3:a:deluxebb:deluxebb:1.07:*:*:*:*:*:*:*
- (no CPE)range: <=1.08
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.