Lucene search
MitreCVE-2006-5114HistoryOct 03, 2006 - 4:03 a.m.
CVE-2006-5114
2006-10-0304:03:00
mitre
web.nvd.nist.gov
32
cve-2006-5114
cross-site scripting
xss
sap
internet transaction server
its 6.1
its 6.2
security vulnerability
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
5.6
Confidence
High
EPSS
0.945
Percentile
99.2%
Multiple cross-site scripting (XSS) vulnerabilities in wgate in SAP Internet Transaction Server (ITS) 6.1 and 6.2 allow remote attackers to inject arbitrary web script or HTML via the (1) ~urlmime or (2) ~command parameter, different vectors than CVE-2003-0749.
Affected configurations
Node
sapinternet_transaction_serverMatch6.1
ORsapinternet_transaction_serverMatch6.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sap | internet_transaction_server | 6.1 | cpe:2.3:a:sap:internet_transaction_server:6.1:*:*:*:*:*:*:* |
| sap | internet_transaction_server | 6.2 | cpe:2.3:a:sap:internet_transaction_server:6.2:*:*:*:*:*:*:* |
Related
nvd
nvd
cvelist
cvelist
exploitdb
exploitdb
SAP Internet Transaction Server 6.10/6.20 - Cross-Site Scripting
2006-09-28 00:00:00
nessus
nessus
SAP Internet Transaction Server wgate Multiple Parameter XSS
2006-09-28 00:00:00
prion
prion
Cross site scripting
2008-05-09 18:20:00
cve
cve
CVE-2008-2123
2008-05-09 18:20:00
CVE-2003-0749
2003-10-20 04:00:00
checkpoint_advisories
checkpoint_advisories
packetstorm
packetstorm
SAP-07-010.txt
2008-05-09 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
5.6
Confidence
High
EPSS
0.945
Percentile
99.2%
Related for CVE-2006-5114