{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2006-06-30T00:00:00.000Z","descriptions":[{"lang":"en","value":"Multiple cross-site scripting (XSS) vulnerabilities in Buddy Zone 1.0.1 allow remote attackers to inject arbitrary HTML and web script via the (1) cat_id parameter to (a) view_classifieds.php; (2) id parameter in (b) view_ad.php; (3) event_id parameter in (c) view_event.php, (d) delete_event.php, and (e) edit_event.php; and (4) group_id in (f) view_group.php."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-18T14:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"1209","tags":["third-party-advisory","x_refsource_SREASON"],"url":"http://securityreason.com/securityalert/1209"},{"name":"26985","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/26985"},{"name":"26981","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/26981"},{"name":"26990","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/26990"},{"name":"26991","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/26991"},{"name":"26988","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/26988"},{"name":"buddy-zone-multiple-scripts-sql-injection(27514)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/27514"},{"name":"26989","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/26989"},{"name":"26982","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/26982"},{"name":"18759","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/18759"},{"name":"26984","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/26984"},{"name":"26983","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/26983"},{"name":"26992","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/26992"},{"name":"20060630 Buddy Zone Version 1.0.1 - XSS","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/438868/100/0/threaded"},{"name":"26979","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/26979"},{"name":"20933","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/20933"},{"name":"26993","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/26993"},{"name":"20060715 Re: Buddy Zone Version 1.0.1 - XSS","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/440144/100/100/threaded"},{"name":"ADV-2006-2645","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/2645"},{"name":"26980","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/26980"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2006-3494","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple cross-site scripting (XSS) vulnerabilities in Buddy Zone 1.0.1 allow remote attackers to inject arbitrary HTML and web script via the (1) cat_id parameter to (a) view_classifieds.php; (2) id parameter in (b) view_ad.php; (3) event_id parameter in (c) view_event.php, (d) delete_event.php, and (e) edit_event.php; and (4) group_id in (f) view_group.php."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"1209","refsource":"SREASON","url":"http://securityreason.com/securityalert/1209"},{"name":"26985","refsource":"OSVDB","url":"http://www.osvdb.org/26985"},{"name":"26981","refsource":"OSVDB","url":"http://www.osvdb.org/26981"},{"name":"26990","refsource":"OSVDB","url":"http://www.osvdb.org/26990"},{"name":"26991","refsource":"OSVDB","url":"http://www.osvdb.org/26991"},{"name":"26988","refsource":"OSVDB","url":"http://www.osvdb.org/26988"},{"name":"buddy-zone-multiple-scripts-sql-injection(27514)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/27514"},{"name":"26989","refsource":"OSVDB","url":"http://www.osvdb.org/26989"},{"name":"26982","refsource":"OSVDB","url":"http://www.osvdb.org/26982"},{"name":"18759","refsource":"BID","url":"http://www.securityfocus.com/bid/18759"},{"name":"26984","refsource":"OSVDB","url":"http://www.osvdb.org/26984"},{"name":"26983","refsource":"OSVDB","url":"http://www.osvdb.org/26983"},{"name":"26992","refsource":"OSVDB","url":"http://www.osvdb.org/26992"},{"name":"20060630 Buddy Zone Version 1.0.1 - XSS","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/438868/100/0/threaded"},{"name":"26979","refsource":"OSVDB","url":"http://www.osvdb.org/26979"},{"name":"20933","refsource":"SECUNIA","url":"http://secunia.com/advisories/20933"},{"name":"26993","refsource":"OSVDB","url":"http://www.osvdb.org/26993"},{"name":"20060715 Re: Buddy Zone Version 1.0.1 - XSS","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/440144/100/100/threaded"},{"name":"ADV-2006-2645","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/2645"},{"name":"26980","refsource":"OSVDB","url":"http://www.osvdb.org/26980"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-07T18:30:33.905Z"},"title":"CVE Program Container","references":[{"name":"1209","tags":["third-party-advisory","x_refsource_SREASON","x_transferred"],"url":"http://securityreason.com/securityalert/1209"},{"name":"26985","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/26985"},{"name":"26981","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/26981"},{"name":"26990","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/26990"},{"name":"26991","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/26991"},{"name":"26988","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/26988"},{"name":"buddy-zone-multiple-scripts-sql-injection(27514)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/27514"},{"name":"26989","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/26989"},{"name":"26982","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/26982"},{"name":"18759","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/18759"},{"name":"26984","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/26984"},{"name":"26983","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/26983"},{"name":"26992","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/26992"},{"name":"20060630 Buddy Zone Version 1.0.1 - XSS","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/438868/100/0/threaded"},{"name":"26979","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/26979"},{"name":"20933","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/20933"},{"name":"26993","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/26993"},{"name":"20060715 Re: Buddy Zone Version 1.0.1 - XSS","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/440144/100/100/threaded"},{"name":"ADV-2006-2645","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/2645"},{"name":"26980","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/26980"}]}]},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2006-3494","datePublished":"2006-07-10T22:00:00.000Z","dateReserved":"2006-07-10T00:00:00.000Z","dateUpdated":"2024-08-07T18:30:33.905Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}