Lucene search

[email protected]CVE-2006-1679

HistoryApr 11, 2006 - 12:02 a.m.

CVE-2006-1679

2006-04-1100:02:00

[email protected]

web.nvd.nist.gov

cve-2006-1679

cross-site scripting

xss

jupiter cms

vulnerability

remote attacker

arbitrary web script

html

online.php

index.php

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.6%

JSON

Cross-site scripting (XSS) vulnerability in modules/online.php in Jupiter CMS 1.1.5 allows remote attackers to inject arbitrary web script or HTML via the layout parameter to index.php.

Affected configurations

NVD

Node

jupiter_cmsjupiter_cmsMatch1.1.5

CPENameOperatorVersion
jupiter_cms:jupiter_cmsjupiter cmseq1.1.5

CPE	Name	Operator	Version
jupiter_cms:jupiter_cms	jupiter cms	eq	1.1.5

References

secunia.com/advisories/19582

www.securityfocus.com/archive/1/430391/100/0/threaded

www.securityfocus.com/bid/17405

www.vupen.com/english/advisories/2006/1302

exchange.xforce.ibmcloud.com/vulnerabilities/25700

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.6 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.6%

JSON

Related for CVE-2006-1679

cvelist2 nvd2 prion1 cve1