Lucene search
HistoryApr 20, 2006 - 6:06 p.m.
CVE-2006-1908
cve-2006-1908
cross-site scripting
addevent.php
myevent 1.x
security vulnerability
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
76.4%
Cross-site scripting vulnerability in addevent.php in myEvent 1.x allows remote attackers to inject arbitrary web script or HTML via the event_desc parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Affected configurations
Node
myweblandmyeventRange≤1.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| mywebland:myevent | mywebland myevent | le | 1.2 |
Related
prion
prion
Cross site scripting
2006-04-20 18:06:00
cvelist
cvelist
CVE-2006-1908
2006-04-20 18:00:00
nvd
nvd
CVE-2006-1908
2006-04-20 18:06:00
openvas
openvas
myEvent Multiple Remote Vulnerabilities
2008-10-24 00:00:00
nessus
nessus
myEvent Multiple Remote Vulnerabilities
2006-04-21 00:00:00
2.6 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
76.4%
Related for CVE-2006-1908