Lucene search

[email protected]CVE-2006-1417

HistoryMar 28, 2006 - 8:02 p.m.

CVE-2006-1417

2006-03-2820:02:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2006-1417

xss

caloris planitia online quiz system

web quiz pro

nvd

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

75.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Caloris Planitia Online Quiz System (aka Web Quiz pro), possibly 1.0, allow remote attackers to inject arbitrary web script or HTML via the (1) exam parameter in prequiz.asp or (2) msg parameter in student.asp.

CPENameOperatorVersion
caloris_planitia_technologies:web_quiz_procaloris planitia technologies web quiz proeq1.0

CPE	Name	Operator	Version
caloris_planitia_technologies:web_quiz_pro	caloris planitia technologies web quiz pro	eq	1.0

References

pridels0.blogspot.com/2006/03/web-quiz-pro-xss-vuln.html

secunia.com/advisories/19416

www.osvdb.org/24129

www.osvdb.org/24130

www.securityfocus.com/bid/17255

www.vupen.com/english/advisories/2006/1091

exchange.xforce.ibmcloud.com/vulnerabilities/25431

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

75.3%

JSON

Related for CVE-2006-1417

prion1