Lucene search

[email protected]NVD:CVE-2006-6153

HistoryNov 28, 2006 - 11:28 p.m.

CVE-2006-6153

2006-11-2823:28:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

77.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in vSpin.net Classified System 2004 allow remote attackers to inject arbitrary web script or HTML via (1) catname parameter to cat.asp or the (2) minprice parameter to search.asp.

Affected configurations

Nvd

Node

vspin.netclassified_systemMatch2004

VendorProductVersionCPE
vspin.netclassified_system2004cpe:2.3:a:vspin.net:classified_system:2004:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
vspin.net	classified_system	2004	cpe:2.3:a:vspin.net:classified_system:2004:::::::*

References

s-a-p.ca/index.php?page=OurAdvisories&id=47

secunia.com/advisories/22987

securityreason.com/securityalert/1926

securitytracker.com/id?1017259

www.securityfocus.com/archive/1/452179/100/100/threaded

www.securityfocus.com/bid/21190

exchange.xforce.ibmcloud.com/vulnerabilities/30446

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

77.6%

JSON

Related for NVD:CVE-2006-6153

exploitdb2 cvelist1 cve1