Lucene search

MitreCVE-2006-3765

HistoryJul 21, 2006 - 2:03 p.m.

CVE-2006-3765

2006-07-2114:03:00

mitre

web.nvd.nist.gov

cve-2006-3765

xss

cross-site scripting

huttenlocher webdesign

hwdeguest 2.1.1

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.1

Confidence

High

EPSS

0.006

Percentile

78.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Huttenlocher Webdesign hwdeGUEST 2.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, as demonstrated by the “name input” field in new_entry.php.

Affected configurations

Nvd

Node

huttenlocher_webdesignhwdeguestRange≤2.1.1

VendorProductVersionCPE
huttenlocher_webdesignhwdeguest*cpe:2.3:a:huttenlocher_webdesign:hwdeguest:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huttenlocher_webdesign	hwdeguest	*	cpe:2.3:a:huttenlocher_webdesign:hwdeguest::::::::

References

securityreason.com/securityalert/1258

securitytracker.com/id?1016549

www.securityfocus.com/archive/1/440455/100/0/threaded

www.securityfocus.com/bid/19053

www.vupen.com/english/advisories/2006/2871

exchange.xforce.ibmcloud.com/vulnerabilities/27805

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.1

Confidence

High

EPSS

0.006

Percentile

78.3%

JSON

Related for CVE-2006-3765