Lucene search

[email protected]CVE-2006-3051

HistoryJun 16, 2006 - 10:02 a.m.

CVE-2006-3051

2006-06-1610:02:00

[email protected]

web.nvd.nist.gov

cve-2006-3051

cross-site scripting

xss

sixcms 6.0

security vulnerability

nvd

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

6.1 Medium

AI Score

Confidence

High

0.037 Low

EPSS

Percentile

91.8%

JSON

Cross-site scripting (XSS) vulnerability in list.php in SixCMS 6.0, and other versions before 6.0.6patch2, allows remote attackers to inject arbitrary script code or HTML via the page parameter.

Affected configurations

NVD

Node

six_offene_systeme_gmbhsixcmsRange≤6.0

CPENameOperatorVersion
six_offene_systeme_gmbh:sixcmssix offene systeme gmbh sixcmsle6.0

CPE	Name	Operator	Version
six_offene_systeme_gmbh:sixcms	six offene systeme gmbh sixcms	le	6.0

References

secunia.com/advisories/20655

securityreason.com/securityalert/1101

securitytracker.com/id?1016282

www.majorsecurity.de/advisory/major_rls17.txt

www.securityfocus.com/archive/1/437047/100/0/threaded

www.securityfocus.com/archive/1/437639/100/0/threaded

www.securityfocus.com/bid/18393

www.vupen.com/english/advisories/2006/2386

exchange.xforce.ibmcloud.com/vulnerabilities/27108

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

6.1 Medium

AI Score

Confidence

High

0.037 Low

EPSS

Percentile

91.8%

JSON

Related for CVE-2006-3051

cvelist1 nvd1