Lucene search

[email protected]NVD:CVE-2006-7078

HistoryMar 02, 2007 - 9:18 p.m.

CVE-2006-7078

2007-03-0221:18:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.006

Percentile

78.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Professional Home Page Tools Login Script, as of July 2006, allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) vorname, and (3) nachname parameters in the register script. NOTE: some details have been obtained from third party sources.

Affected configurations

Nvd

Node

professional_home_page_tools_login_scriptprofessional_home_page_tools_login_script

VendorProductVersionCPE
professional_home_page_tools_login_scriptprofessional_home_page_tools_login_script*cpe:2.3:a:professional_home_page_tools_login_script:professional_home_page_tools_login_script:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
professional_home_page_tools_login_script	professional_home_page_tools_login_script	*	cpe:2.3:a:professional_home_page_tools_login_script:professional_home_page_tools_login_script::::::::

References

lists.grok.org.uk/pipermail/full-disclosure/2006-July/048194.html

secunia.com/advisories/21206

securityreason.com/securityalert/2329

www.securityfocus.com/archive/1/441194/100/0/threaded

www.vupen.com/english/advisories/2006/2981

exchange.xforce.ibmcloud.com/vulnerabilities/27967

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.006

Percentile

78.3%

JSON

Related for NVD:CVE-2006-7078

cvelist1 cve1