Lucene search

[email protected]CVE-2006-3039

HistoryJun 15, 2006 - 10:02 a.m.

CVE-2006-3039

2006-06-1510:02:00

[email protected]

web.nvd.nist.gov

cve-2006-3039

cross-site scripting

xss

cescripts realty home rent

web security

remote attack

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

6.1 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.6%

JSON

Cross-site scripting (XSS) vulnerability in index.php in Cescripts Realty Home Rent allows remote attackers to inject arbitrary web script or HTML via the sel_menu parameter. NOTE: the vendor notified CVE on 20060823 that “All issues concerning this script and others at cescripts.com have been addressed and fixed.”

Affected configurations

NVD

Node

cescriptsrealty_home_rent

CPENameOperatorVersion
cescripts:realty_home_rentcescripts realty home renteq*

CPE	Name	Operator	Version
cescripts:realty_home_rent	cescripts realty home rent	eq	*

References

secunia.com/advisories/20584

www.attrition.org/pipermail/vim/2006-August/000983.html

www.securityfocus.com/archive/1/436805

www.securityfocus.com/archive/1/444136/100/0/threaded

www.vupen.com/english/advisories/2006/2343

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

6.1 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.6%

JSON

Related for CVE-2006-3039

nvd1 cvelist1