Lucene search

PRIOn knowledge basePRION:CVE-2006-1544

HistoryMar 30, 2006 - 11:02 a.m.

Cross site scripting

2006-03-3011:02:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in news.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) autorkomentarza and (2) tresckomentarza parameters.

CPENameOperatorVersion
vnewseq1.2

CPE	Name	Operator	Version
	vnews	eq	1.2

References

secunia.com/advisories/19435

www.evuln.com/vulns/112

www.osvdb.org/24275

www.securityfocus.com/archive/1/430674/100/0/threaded

www.securityfocus.com/bid/17317

www.vupen.com/english/advisories/2006/1173

exchange.xforce.ibmcloud.com/vulnerabilities/25530

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

78.3%

JSON

Related for PRION:CVE-2006-1544