Lucene search

[email protected]NVD:CVE-2006-0180

HistoryJan 12, 2006 - 6:02 a.m.

CVE-2006-0180

2006-01-1206:02:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.011

Percentile

84.5%

JSON

Cross-site scripting (XSS) vulnerability in CaLogic Calendars 1.2.2 allows remote attackers to inject arbitrary web script or HTML via the Title field on the “Adding New Event” page, and possibly other vectors, involving iframe tags.

Affected configurations

Nvd

Node

calogiccalogic_calendarsMatch1.2.2

VendorProductVersionCPE
calogiccalogic_calendars1.2.2cpe:2.3:a:calogic:calogic_calendars:1.2.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
calogic	calogic_calendars	1.2.2	cpe:2.3:a:calogic:calogic_calendars:1.2.2:::::::*

References

evuln.com/vulns/24/summary.html

secunia.com/advisories/18417

www.osvdb.org/22322

www.securityfocus.com/archive/1/422163/100/0/threaded

www.securityfocus.com/bid/16206

www.vupen.com/english/advisories/2006/0149

exchange.xforce.ibmcloud.com/vulnerabilities/24077

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.011

Percentile

84.5%

JSON

Related for NVD:CVE-2006-0180

prion1 cvelist1 cve1