Lucene search

[email protected]NVD:CVE-2006-2991

HistoryJun 13, 2006 - 1:02 a.m.

CVE-2006-2991

2006-06-1301:02:00

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.2%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Ringlink 3.2 allow remote attackers to inject arbitrary web script or HTML via a JavaScript URI in the SRC attribute of an IMG element, and possibly other manipulations, in the ringid parameter in (1) next.cgi, (2) stats.cgi, or (3) list.cgi.

Affected configurations

NVD

Node

ringlinkringlinkMatch3.2

References

secunia.com/advisories/20590

securityreason.com/securityalert/1082

www.osvdb.org/26318

www.osvdb.org/26319

www.osvdb.org/26320

www.securityfocus.com/archive/1/436690/100/0/threaded

www.securityfocus.com/bid/18360

www.vupen.com/english/advisories/2006/2281

exchange.xforce.ibmcloud.com/vulnerabilities/27053

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.2%

JSON

Related for NVD:CVE-2006-2991

cvelist1 cve1