Lucene search

[email protected]NVD:CVE-2006-3212

HistoryJun 24, 2006 - 1:06 a.m.

CVE-2006-3212

2006-06-2401:06:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.003

Percentile

68.9%

JSON

Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook 1.3 and earlier allows remote attackers to inject web script or HTML via the (1) name, (2) email, (3) add, and (4) wName parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

Nvd

Node

cjguestbookcjguestbookRange≤1.3

cjguestbookcjguestbookMatch1.2

VendorProductVersionCPE
cjguestbookcjguestbook*cpe:2.3:a:cjguestbook:cjguestbook:*:*:*:*:*:*:*:*
cjguestbookcjguestbook1.2cpe:2.3:a:cjguestbook:cjguestbook:1.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cjguestbook	cjguestbook	*	cpe:2.3:a:cjguestbook:cjguestbook::::::::
cjguestbook	cjguestbook	1.2	cpe:2.3:a:cjguestbook:cjguestbook:1.2:::::::*

References

secunia.com/advisories/20751

www.securityfocus.com/bid/18591

www.vupen.com/english/advisories/2006/2488

exchange.xforce.ibmcloud.com/vulnerabilities/27326

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.003

Percentile

68.9%

JSON

Related for NVD:CVE-2006-3212

cvelist1 cve1