Lucene search

[email protected]NVD:CVE-2006-2231

HistoryMay 05, 2006 - 7:02 p.m.

CVE-2006-2231

2006-05-0519:02:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.006

Percentile

78.9%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in addguest.cgi in Big Webmaster Guestbook Script 1.02 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) mail, (2) site, (3) city, (4) state, (5) country, and possibly (6) name fields, which are viewed via viewguest.cgi.

Affected configurations

Nvd

Node

big_webmasterbig_webmaster_guestbook_scriptRange≤1.02

VendorProductVersionCPE
big_webmasterbig_webmaster_guestbook_script*cpe:2.3:a:big_webmaster:big_webmaster_guestbook_script:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
big_webmaster	big_webmaster_guestbook_script	*	cpe:2.3:a:big_webmaster:big_webmaster_guestbook_script::::::::

References

lists.grok.org.uk/pipermail/full-disclosure/2006-May/045752.html

secunia.com/advisories/19971

securityreason.com/securityalert/843

www.osvdb.org/25257

www.securityfocus.com/archive/1/432970/100/0/threaded

www.securityfocus.com/bid/17834

exchange.xforce.ibmcloud.com/vulnerabilities/26246

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.006

Percentile

78.9%

JSON

Related for NVD:CVE-2006-2231

cvelist1 prion1 cve1