Lucene search

[email protected]CVE-2006-3273

HistoryJun 28, 2006 - 10:05 p.m.

CVE-2006-3273

2006-06-2822:05:00

[email protected]

web.nvd.nist.gov

cve-2006-3273

cross-site scripting

xss

menu.php

some chess 1.5 rc1

web script

html

user parameter

nvd

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.3%

JSON

Cross-site scripting (XSS) vulnerability in menu.php in Some Chess 1.5 rc1 allows remote attackers to inject arbitrary web script or HTML via the user parameter (“New Name” field).

Affected configurations

NVD

Node

astrodog_presssome_chessMatch1.5_rc1

CPENameOperatorVersion
astrodog_press:some_chessastrodog press some chesseq1.5_rc1

CPE	Name	Operator	Version
astrodog_press:some_chess	astrodog press some chess	eq	1.5_rc1

References

secunia.com/advisories/20770

securityreason.com/securityalert/1162

securitytracker.com/id?1016360

www.securityfocus.com/archive/1/438009/100/0/threaded

www.securityfocus.com/bid/18557

exchange.xforce.ibmcloud.com/vulnerabilities/27307

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.3%

JSON

Related for CVE-2006-3273

cvelist1 nvd1