Lucene search

MitreCVE-2006-4087

HistoryAug 11, 2006 - 10:04 a.m.

CVE-2006-4087

2006-08-1110:04:00

mitre

web.nvd.nist.gov

cve-2006-4087

cross-site scripting

xss

admin.cgi

mojoscripts.com

mojogallery

vulnerability

web script

html

username parameter

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.003

Percentile

65.8%

JSON

Cross-site scripting (XSS) vulnerability in admin.cgi in mojoscripts.com mojoGallery allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.

Affected configurations

Nvd

Node

mojoscriptsmojogallery

VendorProductVersionCPE
mojoscriptsmojogallery*cpe:2.3:a:mojoscripts:mojogallery:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mojoscripts	mojogallery	*	cpe:2.3:a:mojoscripts:mojogallery::::::::

References

secunia.com/advisories/21438

www.vupen.com/english/advisories/2006/3220

exchange.xforce.ibmcloud.com/vulnerabilities/28293

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.003

Percentile

65.8%

JSON

Related for CVE-2006-4087