Lucene search

[email protected]CVE-2006-0069

HistoryJan 03, 2006 - 11:03 p.m.

CVE-2006-0069

2006-01-0323:03:00

[email protected]

web.nvd.nist.gov

cve-2006-0069

vulnerability

xss

web script

html

chipmunk guestbook

addentry.php

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.1%

JSON

Cross-site scripting (XSS) vulnerability in addentry.php in Chipmunk Guestbook 1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the homepage parameter.

Affected configurations

NVD

Node

chipmunk_scriptschipmunk_guestbookRange≤1.4

CPENameOperatorVersion
chipmunk_scripts:chipmunk_guestbookchipmunk scripts chipmunk guestbookle1.4

CPE	Name	Operator	Version
chipmunk_scripts:chipmunk_guestbook	chipmunk scripts chipmunk guestbook	le	1.4

References

evuln.com/vulns/4/summary.html

secunia.com/advisories/18270

www.securityfocus.com/archive/1/420667/100/0/threaded

www.securityfocus.com/bid/16112

www.securityfocus.com/bid/19087

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.1%

JSON

Related for CVE-2006-0069

prion1 nvd1 cvelist1