Lucene search

MitreCVE-2006-1634

HistoryApr 06, 2006 - 10:04 a.m.

CVE-2006-1634

2006-04-0610:04:00

mitre

web.nvd.nist.gov

cve-2006-1634

cross-site scripting

xss vulnerability

lucidcms 2.0.0 rc4

remote attackers

web script injection

html injection

index.php

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.003

Percentile

71.0%

JSON

Cross-site scripting (XSS) vulnerability in index.php in LucidCMS 2.0.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the command parameter.

Affected configurations

Nvd

Node

lucidcmslucidcmsMatch2.0.0_rc4

VendorProductVersionCPE
lucidcmslucidcms2.0.0_rc4cpe:2.3:a:lucidcms:lucidcms:2.0.0_rc4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
lucidcms	lucidcms	2.0.0_rc4	cpe:2.3:a:lucidcms:lucidcms:2.0.0_rc4:::::::*

References

www.securityfocus.com/archive/1/429744

www.securityfocus.com/bid/17360

exchange.xforce.ibmcloud.com/vulnerabilities/25632

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.003

Percentile

71.0%

JSON

Related for CVE-2006-1634