Lucene search

[email protected]CVE-2006-2146

HistoryMay 02, 2006 - 10:02 a.m.

CVE-2006-2146

2006-05-0210:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

"cve-2006-2146

cross-site scripting

xss

vulnerabilities

index.php

hb-ns 1.1.6"

5.9 Medium

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.006 Low

EPSS

Percentile

77.9%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in index.php in HB-NS 1.1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) poster_name, (2) poster_email, (3) poster_homepage, or (4) message parameter.

CPENameOperatorVersion
harold_bakker:hb-nsharold bakker hb-nseq1.1.6

CPE	Name	Operator	Version
harold_bakker:hb-ns	harold bakker hb-ns	eq	1.1.6

References

evuln.com/vulns/127/summary.html

secunia.com/advisories/19896

securitytracker.com/id?1016037

www.osvdb.org/25164

www.securityfocus.com/bid/17759

exchange.xforce.ibmcloud.com/vulnerabilities/26138

5.9 Medium

AI Score

Confidence

High

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.006 Low

EPSS

Percentile

77.9%

JSON

Related for CVE-2006-2146

prion2 cve1