Lucene search

[email protected]CVE-2006-1414

HistoryMar 28, 2006 - 8:02 p.m.

CVE-2006-1414

2006-03-2820:02:00

[email protected]

web.nvd.nist.gov

cve-2006-1414

cross-site scripting

xss

vulnerabilities

web script

html

remote attackers

toast forums

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in toast.asp in Toast Forums 1.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) author, (2) subject, (3) message, or (4) dayprune parameter.

Affected configurations

NVD

Node

toast_forumstoast_forumsMatch1.6

CPENameOperatorVersion
toast_forums:toast_forumstoast forumseq1.6

CPE	Name	Operator	Version
toast_forums:toast_forums	toast forums	eq	1.6

References

pridels0.blogspot.com/2006/03/xss-in-toast-forums-16.html

secunia.com/advisories/19401

www.osvdb.org/24119

www.securityfocus.com/bid/17249

www.vupen.com/english/advisories/2006/1092

exchange.xforce.ibmcloud.com/vulnerabilities/25440

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.0%

JSON

Related for CVE-2006-1414

nvd1 prion1 cvelist1