Lucene search

[email protected]CVE-2006-1080

HistoryMar 09, 2006 - 12:02 a.m.

CVE-2006-1080

2006-03-0900:02:00

[email protected]

web.nvd.nist.gov

cve-2006-1080

cross-site scripting

xss

game-panel 2.6.1

security vulnerability

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.2%

JSON

Cross-site scripting (XSS) vulnerability in login.php in Game-Panel 2.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter, possibly requiring a URL encoded value.

Affected configurations

NVD

Node

game-panelgame-panelMatch2.6

game-panelgame-panelMatch2.6.1

CPENameOperatorVersion
game-panel:game-panelgame-paneleq2.6
game-panel:game-panelgame-paneleq2.6.1

CPE	Name	Operator	Version
game-panel:game-panel	game-panel	eq	2.6
game-panel:game-panel	game-panel	eq	2.6.1

References

notlegal.ws/gamepanel.txt

secunia.com/advisories/19143

www.securityfocus.com/archive/1/426825/100/0/threaded

www.securityfocus.com/bid/16979

www.vupen.com/english/advisories/2006/0864

exchange.xforce.ibmcloud.com/vulnerabilities/25144

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.2%

JSON

Related for CVE-2006-1080

cvelist1 prion1 nvd1