Lucene search

[email protected]CVE-2006-4327

HistoryAug 24, 2006 - 1:04 a.m.

CVE-2006-4327

2006-08-2401:04:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-4327

cross-site scripting

xss

cloudnine interactive links manager

security vulnerability

5.8 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.052 Low

EPSS

Percentile

93.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in add_url.php in CloudNine Interactive Links Manager 2006-06-12 allow remote attackers to inject arbitrary web script or HTML via the (1) title, (2) description, or (3) keywords parameters.

CPENameOperatorVersion
cloudnine_interactive:links_managercloudnine interactive links managereq2006-06-12

CPE	Name	Operator	Version
cloudnine_interactive:links_manager	cloudnine interactive links manager	eq	2006-06-12

References

evuln.com/vulns/136/description.html

secunia.com/advisories/21560

www.osvdb.org/28067

www.securityfocus.com/archive/1/445912/100/0/threaded

www.securityfocus.com/bid/19650

exchange.xforce.ibmcloud.com/vulnerabilities/28500

5.8 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.052 Low

EPSS

Percentile

93.0%

JSON

Related for CVE-2006-4327

packetstorm1 securityvulns1