Lucene search

[email protected]NVD:CVE-2006-2423

HistoryMay 17, 2006 - 10:06 a.m.

CVE-2006-2423

2006-05-1710:06:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.006

Percentile

79.5%

JSON

Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the login parameter.

Affected configurations

Nvd

Node

swsoftconfixxRange≤3.1.2

swsoftconfixxMatch3.0.6

swsoftconfixxMatch3.0.8

VendorProductVersionCPE
swsoftconfixx*cpe:2.3:a:swsoft:confixx:*:*:*:*:*:*:*:*
swsoftconfixx3.0.6cpe:2.3:a:swsoft:confixx:3.0.6:*:*:*:*:*:*:*
swsoftconfixx3.0.8cpe:2.3:a:swsoft:confixx:3.0.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
swsoft	confixx	*	cpe:2.3:a:swsoft:confixx::::::::
swsoft	confixx	3.0.6	cpe:2.3:a:swsoft:confixx:3.0.6:::::::*
swsoft	confixx	3.0.8	cpe:2.3:a:swsoft:confixx:3.0.8:::::::*

References

secunia.com/advisories/20105

securityreason.com/securityalert/687

securityreason.com/securityalert/903

www.osvdb.org/25525

www.securityfocus.com/archive/1/434034/100/0/threaded

www.securityfocus.com/bid/17984

www.vupen.com/english/advisories/2006/1817

exchange.xforce.ibmcloud.com/vulnerabilities/26472

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.006

Percentile

79.5%

JSON

Related for NVD:CVE-2006-2423

cvelist1 prion1 cve1 exploitdb1