Lucene search

MitreCVE-2006-3051

HistoryJun 16, 2006 - 10:02 a.m.

CVE-2006-3051

2006-06-1610:02:00

mitre

web.nvd.nist.gov

cve-2006-3051

cross-site scripting

xss

sixcms 6.0

security vulnerability

nvd

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.1

Confidence

High

EPSS

0.037

Percentile

91.7%

JSON

Cross-site scripting (XSS) vulnerability in list.php in SixCMS 6.0, and other versions before 6.0.6patch2, allows remote attackers to inject arbitrary script code or HTML via the page parameter.

Affected configurations

Nvd

Node

six_offene_systeme_gmbhsixcmsRange≤6.0

VendorProductVersionCPE
six_offene_systeme_gmbhsixcms*cpe:2.3:a:six_offene_systeme_gmbh:sixcms:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
six_offene_systeme_gmbh	sixcms	*	cpe:2.3:a:six_offene_systeme_gmbh:sixcms::::::::

References

secunia.com/advisories/20655

securityreason.com/securityalert/1101

securitytracker.com/id?1016282

www.majorsecurity.de/advisory/major_rls17.txt

www.securityfocus.com/archive/1/437047/100/0/threaded

www.securityfocus.com/archive/1/437639/100/0/threaded

www.securityfocus.com/bid/18393

www.vupen.com/english/advisories/2006/2386

exchange.xforce.ibmcloud.com/vulnerabilities/27108

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.1

Confidence

High

EPSS

0.037

Percentile

91.7%

JSON

Related for CVE-2006-3051