Lucene search

MitreCVE-2006-5120

HistoryOct 03, 2006 - 4:03 a.m.

CVE-2006-5120

2006-10-0304:03:00

mitre

web.nvd.nist.gov

cve-2006-5120

cross-site scripting

xss

scott metoyer red mombin 0.7

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

AI Score

Confidence

High

EPSS

0.008

Percentile

81.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Scott Metoyer Red Mombin 0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) index.php and (2) process_login.php.

Affected configurations

Nvd

Node

scott_metoyerred_mombinMatch0.7

VendorProductVersionCPE
scott_metoyerred_mombin0.7cpe:2.3:a:scott_metoyer:red_mombin:0.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
scott_metoyer	red_mombin	0.7	cpe:2.3:a:scott_metoyer:red_mombin:0.7:::::::*

References

securityreason.com/securityalert/1668

www.armorize.com/advisory.php?Keyword=Armorize-ADV-2006-0002

www.securityfocus.com/archive/1/447255/100/0/threaded

www.securityfocus.com/bid/20243

exchange.xforce.ibmcloud.com/vulnerabilities/29241

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

AI Score

Confidence

High

EPSS

0.008

Percentile

81.6%

JSON

Related for CVE-2006-5120