{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-21T15:29:14.058","vulnerabilities":[{"cve":{"id":"CVE-2006-6174","sourceIdentifier":"cve@mitre.org","published":"2006-11-30T16:28:00.000","lastModified":"2026-06-16T22:32:37.170","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in tDiary before 2.0.3 and 2.1.x before 2.1.4.20061126 allows remote attackers to inject arbitrary web script or HTML via the conf parameter in (1) tdiary.rb and (2) skel/conf.rhtml."},{"lang":"es","value":"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en tDiary en versiones anteriores a la 2.0.3 y en la versión 2.1.x anterior a la aparición del 2.1.4.20061126 permite a atacantes remotos la inyección de secuencias de comandos web o HTML de su elección a través del parámetro conf en el (1) tdiary.rb y (2) skel/conf.rhtml."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tdiary:tdiary:2.0.2:*:*:*:*:*:*:*","matchCriteriaId":"A7D4A716-2D1B-47F0-BB24-EC8364CCD5FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:tdiary:tdiary:2.1.4.2006-11-15:*:*:*:*:*:*:*","matchCriteriaId":"DF7348AF-25D3-41A9-86DA-543299E8BF8D"}]}]}],"references":[{"url":"http://jvn.jp/jp/JVN%2347223461/index.html","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/23092","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://sourceforge.net/forum/forum.php?forum_id=638868","source":"cve@mitre.org","tags":["Patch"]},{"url":"http://www.osvdb.org/30701","source":"cve@mitre.org"},{"url":"http://www.osvdb.org/31993","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/21321","source":"cve@mitre.org"},{"url":"http://www.tdiary.org/20061126.html","source":"cve@mitre.org"},{"url":"http://www.tdiary.org/download/tdiary.20061126.patch","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2006/4722","source":"cve@mitre.org"},{"url":"http://jvn.jp/jp/JVN%2347223461/index.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/23092","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://sourceforge.net/forum/forum.php?forum_id=638868","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://www.osvdb.org/30701","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.osvdb.org/31993","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/21321","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.tdiary.org/20061126.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.tdiary.org/download/tdiary.20061126.patch","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2006/4722","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}