Lucene search

[email protected]NVD:CVE-2006-1331

HistoryMar 21, 2006 - 1:06 a.m.

CVE-2006-1331

2006-03-2101:06:00

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.8

Confidence

High

EPSS

0.041

Percentile

92.2%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Noah’s Classifieds 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) method or (2) list parameter.

Affected configurations

Nvd

Node

phpoutsourcingnoahs_classifiedsRange≤1.3

VendorProductVersionCPE
phpoutsourcingnoahs_classifieds*cpe:2.3:a:phpoutsourcing:noahs_classifieds:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpoutsourcing	noahs_classifieds	*	cpe:2.3:a:phpoutsourcing:noahs_classifieds::::::::

References

archives.neohapsis.com/archives/fulldisclosure/2006-03/0191.html

www.securityfocus.com/archive/1/428157

www.securityfocus.com/bid/17151

zone14.free.fr/advisories/1

exchange.xforce.ibmcloud.com/vulnerabilities/25099

exchange.xforce.ibmcloud.com/vulnerabilities/25331

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.8

Confidence

High

EPSS

0.041

Percentile

92.2%

JSON

Related for NVD:CVE-2006-1331

prion1 cvelist1 cve1