Lucene search

MitreCVE-2006-1950

HistoryApr 20, 2006 - 10:02 p.m.

CVE-2006-1950

2006-04-2022:02:00

mitre

web.nvd.nist.gov

cve-2006-1950

cross-site scripting

xss

perlcoders bannerfarm

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.007

Percentile

80.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in banners.cgi in PerlCoders BannerFarm 2.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) aff and (2) cat parameters.

Affected configurations

Nvd

Node

perlcoders_groupbannerfarmMatch2.3

VendorProductVersionCPE
perlcoders_groupbannerfarm2.3cpe:2.3:a:perlcoders_group:bannerfarm:2.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
perlcoders_group	bannerfarm	2.3	cpe:2.3:a:perlcoders_group:bannerfarm:2.3:::::::*

References

pridels0.blogspot.com/2006/04/bannerfarm-xss-vuln.html

secunia.com/advisories/19718

www.osvdb.org/24728

www.securityfocus.com/bid/17613

www.vupen.com/english/advisories/2006/1410

exchange.xforce.ibmcloud.com/vulnerabilities/25919

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.007

Percentile

80.6%

JSON

Related for CVE-2006-1950