Lucene search
MitreCVE-2006-6518HistoryDec 14, 2006 - 1:28 a.m.
CVE-2006-6518
2006-12-1401:28:00
mitre
web.nvd.nist.gov
25
cve
2006
6518
xss
vulnerabilities
pronews
injection
web
html
admin
nvd
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6
Confidence
High
EPSS
0.007
Percentile
80.5%
Multiple cross-site scripting (XSS) vulnerabilities in ProNews 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) pseudo, (2) email, (3) date, (4) sujet, (5) message, (6) site, and (7) lien parameters to (a) admin/change.php, and the (8) aa parameter to (b) lire-avis.php.
Affected configurations
Node
scriptphppronewsMatch1.5
Related
cvelist
cvelist
CVE-2006-6518
2006-12-14 01:00:00
nvd
nvd
CVE-2006-6518
2006-12-14 01:28:00
exploitdb
exploitdb
ProNews 1.5 - 'lire-avis.php?aa' Cross-Site Scripting
2006-12-09 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
6
Confidence
High
EPSS
0.007
Percentile
80.5%
Related for CVE-2006-6518