Lucene search

[email protected]CVE-2006-0246

HistoryJan 18, 2006 - 2:00 a.m.

CVE-2006-0246

2006-01-1802:00:00

[email protected]

web.nvd.nist.gov

widexl

download tracker

xss

vulnerability

remote attackers

web script

html

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.3%

JSON

Cross-site scripting (XSS) vulnerability in down.pl in Widexl Download Tracker 1.06 allows remote attackers to inject arbitrary web script or HTML via the ID parameter.

Affected configurations

NVD

Node

widexldownload_trackerMatch1.0.6

CPENameOperatorVersion
widexl:download_trackerwidexl download trackereq1.0.6

CPE	Name	Operator	Version
widexl:download_tracker	widexl download tracker	eq	1.0.6

References

osvdb.org/ref/22/22462-widexl.txt

secunia.com/advisories/18472

www.osvdb.org/22462

www.securityfocus.com/bid/16265

www.vupen.com/english/advisories/2006/0213

exchange.xforce.ibmcloud.com/vulnerabilities/24161

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.3%

JSON

Related for CVE-2006-0246

nvd1 prion1 cvelist1