Search...

MyArticles Module for RunCMS submit.php XSS

2006-11-23T20:58:54

ID OSVDB:35785
Type osvdb
Reporter OSVDB
Modified 2006-11-23T20:58:54

Description

Solution Description

Upgrade to version 0.6 beta-1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=466097 Related OSVDB ID: 35784 Related OSVDB ID: 35786 ISS X-Force ID: 30618 FrSIRT Advisory: ADV-2006-4777 CVE-2006-6452

JSON Vulners Source

Initial Source

{"href": "https://vulners.com/osvdb/OSVDB:35785", "history": [], "id": "OSVDB:35785", "reporter": "OSVDB", "published": "2006-11-23T20:58:54", "description": "## Solution Description\nUpgrade to version 0.6 beta-1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=466097\n[Related OSVDB ID: 35784](https://vulners.com/osvdb/OSVDB:35784)\n[Related OSVDB ID: 35786](https://vulners.com/osvdb/OSVDB:35786)\nISS X-Force ID: 30618\nFrSIRT Advisory: ADV-2006-4777\n[CVE-2006-6452](https://vulners.com/cve/CVE-2006-6452)\n", "title": "MyArticles Module for RunCMS submit.php XSS", "lastseen": "2017-04-28T13:20:31", "bulletinFamily": "software", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "hash": "163ece7ed19604febf2b4e4f8d8ba34eb114e14d195a6fb67a86ddcf1c0b57c2", "references": [], "edition": 1, "cvelist": ["CVE-2006-6452"], "affectedSoftware": [], "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2006-6452"]}, {"type": "osvdb", "idList": ["OSVDB:35784", "OSVDB:35786"]}], "modified": "2017-04-28T13:20:31"}, "vulnersScore": 7.5}, "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "5c2f1f998976751ee6c12657bd76ccaa"}, {"key": "cvss", "hash": "737e2591b537c46d1ca7ce6f0cea5cb9"}, {"key": "description", "hash": "57d0c2d6ade7da087718a04265b4af6b"}, {"key": "href", "hash": "55dc61939b2cc200de6247549a56fe8d"}, {"key": "modified", "hash": "eef5ae459973426b4f5001d449e3e9e4"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "eef5ae459973426b4f5001d449e3e9e4"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "955b328dc7cd615c13af5464c9183464"}, {"key": "title", "hash": "02f5882cd9415d3cad84738989c5ce75"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "objectVersion": "1.2", "modified": "2006-11-23T20:58:54"}

{"cve": [{"lastseen": "2017-07-29T11:21:43", "bulletinFamily": "NVD", "description": "Multiple cross-site scripting (XSS) vulnerabilities in the MyArticles module before 0.6 beta 1, for RunCMS, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) topics.php, (2) submit.php, and (3) class/calendar.class.php.", "modified": "2017-07-28T21:29:32", "published": "2006-12-10T16:28:00", "id": "CVE-2006-6452", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6452", "title": "CVE-2006-6452", "type": "cve", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:31", "bulletinFamily": "software", "description": "## Solution Description\nUpgrade to version 0.6 beta-1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=466097\n[Related OSVDB ID: 35784](https://vulners.com/osvdb/OSVDB:35784)\n[Related OSVDB ID: 35785](https://vulners.com/osvdb/OSVDB:35785)\nISS X-Force ID: 30618\nFrSIRT Advisory: ADV-2006-4777\n[CVE-2006-6452](https://vulners.com/cve/CVE-2006-6452)\n", "modified": "2006-11-23T20:58:54", "published": "2006-11-23T20:58:54", "href": "https://vulners.com/osvdb/OSVDB:35786", "id": "OSVDB:35786", "title": "MyArticles Module for RunCMS class/calendar.class.php XSS", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:31", "bulletinFamily": "software", "description": "## Solution Description\nUpgrade to version 0.6 beta-1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=466097\n[Related OSVDB ID: 35786](https://vulners.com/osvdb/OSVDB:35786)\n[Related OSVDB ID: 35785](https://vulners.com/osvdb/OSVDB:35785)\nISS X-Force ID: 30618\nFrSIRT Advisory: ADV-2006-4777\n[CVE-2006-6452](https://vulners.com/cve/CVE-2006-6452)\n", "modified": "2006-11-23T20:58:54", "published": "2006-11-23T20:58:54", "href": "https://vulners.com/osvdb/OSVDB:35784", "id": "OSVDB:35784", "title": "MyArticles Module for RunCMS topics.php XSS", "type": "osvdb", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}