Lucene search

[email protected]CVE-2006-0210

HistoryJan 14, 2006 - 1:03 a.m.

CVE-2006-0210

2006-01-1401:03:00

[email protected]

web.nvd.nist.gov

cve-2006-0210

cross-site scripting

xss

interspire trackpoint nx

index.php

web script injection

html injection

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.6%

JSON

Cross-site scripting (XSS) vulnerability in index.php in Interspire TrackPoint NX before 0.1 allows remote attackers to inject arbitrary web script or HTML via the username parameter when using the Login page.

Affected configurations

NVD

Node

interspiretrackpoint_nx

CPENameOperatorVersion
interspire:trackpoint_nxinterspire trackpoint nxeq*

CPE	Name	Operator	Version
interspire:trackpoint_nx	interspire trackpoint nx	eq	*

References

secunia.com/advisories/18445

www.interspire.com/forum/showthread.php?p=29606

www.osvdb.org/22377

www.securityfocus.com/archive/1/421740/100/0/threaded

www.securityfocus.com/bid/16214

www.vupen.com/english/advisories/2006/0175

exchange.xforce.ibmcloud.com/vulnerabilities/24112

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.6%

JSON

Related for CVE-2006-0210

prion1 cvelist1 nvd1