CVE-2006-0473

my little homepage my little weblog - Cross-Site Scripting via BBcode Link Tag

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-0473. PoCs published by Aliaksandr Hartsuyeu.

AI-analyzed exploit summary The provided text describes a script injection vulnerability in My Little Homepage Web log, guestbook, and forum due to improper input sanitization. It includes BBCode examples demonstrating how attacker-supplied HTML and script code can be executed.

Description

Cross-site scripting (XSS) vulnerability in the bbcode function in weblog.php in my little homepage my little weblog, as last modified in April 2004, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Aliaksandr Hartsuyeu · textwebappsphp
https://www.exploit-db.com/exploits/27139

The provided text describes a script injection vulnerability in My Little Homepage Web log, guestbook, and forum due to improper input sanitization. It includes BBCode examples demonstrating how attacker-supplied HTML and script code can be executed.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: My Little Homepage Web log, guestbook, and forum
No auth needed
Prerequisites: User interaction to click on malicious link
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (10)

Core 10
Core References
Various Sources mailing-list x_refsource_vim
http://attrition.org/pipermail/vim/2006-January/000520.html
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/18628
Exploit, Vendor Advisory x_refsource_misc
http://evuln.com/vulns/51/summary.html
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/16395
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/22753
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/423167/100/0/threaded
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/0349
Various Sources x_refsource_misc
http://evuln.com/vulns/51/
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/24310
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/378

Scores

EPSS 0.0256
EPSS Percentile 83.1%

Details

Status published
Products (1)
my_little_homepage/my_little_weblog 2004-04-20
Published Jan 31, 2006
Tracked Since Feb 18, 2026