Lucene search

[email protected]CVE-2006-0078

HistoryJan 04, 2006 - 11:00 a.m.

CVE-2006-0078

2006-01-0411:00:00

[email protected]

web.nvd.nist.gov

cve

2006

0078

cross-site scripting

xss

vulnerabilities

b-net software 1.0

remote attackers

web script

html

shout.php

guestbook.php

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.044 Low

EPSS

Percentile

92.5%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in B-net Software 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) shout variables to (a) shout.php, or the (3) title and (4) message variables to (b) guestbook.php.

Affected configurations

NVD

Node

haddad_saidb-net_softwareMatch1.0

CPENameOperatorVersion
haddad_said:b-net_softwarehaddad said b-net softwareeq1.0

CPE	Name	Operator	Version
haddad_said:b-net_software	haddad said b-net software	eq	1.0

References

evuln.com/vulns/10/summary.html

secunia.com/advisories/18271

securityreason.com/securityalert/316

sourceforge.net/project/shownotes.php?release_id=442067&group_id=117067

www.osvdb.org/22190

www.osvdb.org/22191

www.securityfocus.com/archive/1/420673/100/0/threaded

www.securityfocus.com/archive/1/444320/100/0/threaded

www.securityfocus.com/bid/16114

www.vupen.com/english/advisories/2006/0018

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.044 Low

EPSS

Percentile

92.5%

JSON

Related for CVE-2006-0078

nvd1 checkpoint_advisories1 prion1 cvelist1