Lucene search

[email protected]CVE-2006-3080

HistoryJun 19, 2006 - 10:02 a.m.

CVE-2006-3080

2006-06-1910:02:00

[email protected]

web.nvd.nist.gov

cve-2006-3080

xss

web script injection

html injection

viewposts.cfm

axentforum ii

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.9%

JSON

Cross-site scripting (XSS) vulnerability in viewposts.cfm in aXentForum II and earlier allows remote attackers to inject arbitrary web script or HTML via the startrow parameter.

Affected configurations

NVD

Node

axentaxentforumMatchi

axentaxentforumMatchii

CPENameOperatorVersion
axent:axentforumaxent axentforumeqi
axent:axentforumaxent axentforumeqii

CPE	Name	Operator	Version
axent:axentforum	axent axentforum	eq	i
axent:axentforum	axent axentforum	eq	ii

References

pridels0.blogspot.com/2006/06/axentforum-ii-xss-vuln.html

securitytracker.com/id?1016320

www.securityfocus.com/archive/1/437403/100/0/threaded

www.securityfocus.com/archive/1/438062/100/0/threaded

www.securityfocus.com/bid/18473

www.vupen.com/english/advisories/2006/2407

exchange.xforce.ibmcloud.com/vulnerabilities/27136

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.9%

JSON

Related for CVE-2006-3080

nvd1 cvelist1