Lucene search

K
cveMitreCVE-2006-1122
HistoryMar 09, 2006 - 9:02 p.m.

CVE-2006-1122

2006-03-0921:02:00
mitre
web.nvd.nist.gov
27
cve-2006-1122
cross-site scripting
xss
d2kblog 1.0.3
security vulnerability

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.7

Confidence

High

EPSS

0.011

Percentile

84.4%

Cross-site scripting (XSS) vulnerability in Default.asp in D2KBlog 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Affected configurations

Nvd
Node
d2ksoftd2kblogMatch1.0
OR
d2ksoftd2kblogMatch1.0.1
OR
d2ksoftd2kblogMatch1.0.2
OR
d2ksoftd2kblogMatch1.0.3
VendorProductVersionCPE
d2ksoftd2kblog1.0cpe:2.3:a:d2ksoft:d2kblog:1.0:*:*:*:*:*:*:*
d2ksoftd2kblog1.0.1cpe:2.3:a:d2ksoft:d2kblog:1.0.1:*:*:*:*:*:*:*
d2ksoftd2kblog1.0.2cpe:2.3:a:d2ksoft:d2kblog:1.0.2:*:*:*:*:*:*:*
d2ksoftd2kblog1.0.3cpe:2.3:a:d2ksoft:d2kblog:1.0.3:*:*:*:*:*:*:*

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.7

Confidence

High

EPSS

0.011

Percentile

84.4%

Related for CVE-2006-1122