Lucene search

[email protected]CVE-2006-6188

HistoryDec 01, 2006 - 12:28 a.m.

CVE-2006-6188

2006-12-0100:28:00

[email protected]

web.nvd.nist.gov

information security

xss

vulnerability

clicktech click gallery

cve-2006-6188

nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.8%

JSON

Cross-site scripting (XSS) vulnerability in view_search.asp in ClickTech Click Gallery allows remote attackers to inject arbitrary web script or HTML via the txtKeyWord parameter. NOTE: some of these details are obtained from third party information.

Affected configurations

NVD

Node

clicktechclickgalleryRange≤5.1

clicktechclickgalleryMatch5.0

CPENameOperatorVersion
clicktech:clickgalleryclicktech clickgalleryle5.1
clicktech:clickgalleryclicktech clickgalleryeq5.0

CPE	Name	Operator	Version
clicktech:clickgallery	clicktech clickgallery	le	5.1
clicktech:clickgallery	clicktech clickgallery	eq	5.0

References

secunia.com/advisories/23136

securityreason.com/securityalert/1937

www.aria-security.com/forum/showthread.php?t=49

www.securityfocus.com/archive/1/452733/100/0/threaded

www.securityfocus.com/bid/21311

www.vupen.com/english/advisories/2006/4743

exchange.xforce.ibmcloud.com/vulnerabilities/30536

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.8%

JSON

Related for CVE-2006-6188

nvd1 cvelist1