Lucene search

[email protected]NVD:CVE-2006-1216

HistoryMar 14, 2006 - 2:02 a.m.

CVE-2006-1216

2006-03-1402:02:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.009

Percentile

82.9%

JSON

Cross-site scripting (XSS) vulnerability in bigshow.php in Runcms 1.x allows remote attackers to inject arbitrary web script or HTML via the id parameter.

Affected configurations

Nvd

Node

runcmsruncmsMatch1.1

runcmsruncmsMatch1.1a

runcmsruncmsMatch1.2

runcmsruncmsMatch1.3a

runcmsruncmsMatch1.3a2

runcmsruncmsMatch1.3a5

VendorProductVersionCPE
runcmsruncms1.1cpe:2.3:a:runcms:runcms:1.1:*:*:*:*:*:*:*
runcmsruncms1.1acpe:2.3:a:runcms:runcms:1.1a:*:*:*:*:*:*:*
runcmsruncms1.2cpe:2.3:a:runcms:runcms:1.2:*:*:*:*:*:*:*
runcmsruncms1.3acpe:2.3:a:runcms:runcms:1.3a:*:*:*:*:*:*:*
runcmsruncms1.3a2cpe:2.3:a:runcms:runcms:1.3a2:*:*:*:*:*:*:*
runcmsruncms1.3a5cpe:2.3:a:runcms:runcms:1.3a5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
runcms	runcms	1.1	cpe:2.3:a:runcms:runcms:1.1:::::::*
runcms	runcms	1.1a	cpe:2.3:a:runcms:runcms:1.1a:::::::*
runcms	runcms	1.2	cpe:2.3:a:runcms:runcms:1.2:::::::*
runcms	runcms	1.3a	cpe:2.3:a:runcms:runcms:1.3a:::::::*
runcms	runcms	1.3a2	cpe:2.3:a:runcms:runcms:1.3a2:::::::*
runcms	runcms	1.3a5	cpe:2.3:a:runcms:runcms:1.3a5:::::::*

References

secunia.com/advisories/18997

securityreason.com/securityalert/474

www.kapda.ir/advisory-280.html

www.osvdb.org/23823

www.securityfocus.com/archive/1/426829

www.securityfocus.com/bid/16970

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.009

Percentile

82.9%

JSON

Related for NVD:CVE-2006-1216

exploitdb1 prion1 cvelist1 cve1