Lucene search

[email protected]CVE-2006-3765

HistoryJul 21, 2006 - 2:03 p.m.

CVE-2006-3765

2006-07-2114:03:00

[email protected]

web.nvd.nist.gov

cve-2006-3765

xss

cross-site scripting

huttenlocher webdesign

hwdeguest 2.1.1

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Huttenlocher Webdesign hwdeGUEST 2.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, as demonstrated by the “name input” field in new_entry.php.

Affected configurations

NVD

Node

huttenlocher_webdesignhwdeguestRange≤2.1.1

CPENameOperatorVersion
huttenlocher_webdesign:hwdeguesthuttenlocher webdesign hwdeguestle2.1.1

CPE	Name	Operator	Version
huttenlocher_webdesign:hwdeguest	huttenlocher webdesign hwdeguest	le	2.1.1

References

securityreason.com/securityalert/1258

securitytracker.com/id?1016549

www.securityfocus.com/archive/1/440455/100/0/threaded

www.securityfocus.com/bid/19053

www.vupen.com/english/advisories/2006/2871

exchange.xforce.ibmcloud.com/vulnerabilities/27805

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.3%

JSON

Related for CVE-2006-3765

nvd1 cvelist1