Lucene search

[email protected]CVE-2006-3769

HistoryJul 24, 2006 - 12:19 p.m.

CVE-2006-3769

2006-07-2412:19:00

[email protected]

web.nvd.nist.gov

cve-2006-3769

cross-site scripting

xss

top xl 1.1

security vulnerabilities

nvd

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.026 Low

EPSS

Percentile

90.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Top XL 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pass and (2) pass2 parameters in (a) add.php or the (3) id parameter in (b) members/index.php.

Affected configurations

NVD

Node

top_xltop_xlRange≤1.1

top_xltop_xlMatch1.0

CPENameOperatorVersion
top_xl:top_xltop xlle1.1
top_xl:top_xltop xleq1.0

CPE	Name	Operator	Version
top_xl:top_xl	top xl	le	1.1
top_xl:top_xl	top xl	eq	1.0

References

secunia.com/advisories/21145

securityreason.com/securityalert/1267

securitytracker.com/id?1016548

www.majorsecurity.de/advisory/major_rls22.txt

www.osvdb.org/27413

www.osvdb.org/27414

www.securityfocus.com/archive/1/440652/100/0/threaded

www.securityfocus.com/archive/1/440889/100/100/threaded

www.securityfocus.com/bid/19098

www.vupen.com/english/advisories/2006/2914

exchange.xforce.ibmcloud.com/vulnerabilities/27880

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.026 Low

EPSS

Percentile

90.3%

JSON

Related for CVE-2006-3769

nvd1 cvelist1