Lucene search

MitreCVE-2006-0706

HistoryFeb 15, 2006 - 11:06 a.m.

CVE-2006-0706

2006-02-1511:06:00

CWE-79

mitre

web.nvd.nist.gov

cve

2006

0706

cross-site scripting

vulnerability

eintrag.php

gästebuch

gastebuch

remote attackers

arbitrary

web script

html

url

homepage parameter

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.011

Percentile

84.6%

JSON

Cross-site scripting vulnerability in eintrag.php in Gästebuch (Gastebuch) before 1.3.3 allows remote attackers to inject arbitrary web script or HTML via the URL, which is used in the homepage parameter.

Affected configurations

Nvd

Node

gastebuchgastebuchRange≤1.3.2

VendorProductVersionCPE
gastebuchgastebuch*cpe:2.3:a:gastebuch:gastebuch:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gastebuch	gastebuch	*	cpe:2.3:a:gastebuch:gastebuch::::::::

References

marc.info/?l=bugtraq&m=113986789801121&w=2

secunia.com/advisories/18849

www.php4scripte.de/index.php

www.securityfocus.com/bid/16615

www.vupen.com/english/advisories/2006/0566

exchange.xforce.ibmcloud.com/vulnerabilities/24670

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.011

Percentile

84.6%

JSON

Related for CVE-2006-0706