CVE-2006-1496

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2006-1496
Multiple cross-site scripting (XSS) vulnerabilities in index.php in ViHor Design allow remote attackers to inject arbitrary web script or HTML via (1) a remote URL in the page parameter, which is processed by an fopen call, or (2) HTML or script in the page parameter, which is returned to the client in an error message for the failed fopen call.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://secunia.com/advisories/19403
http://www.attrition.org/pipermail/vim/2006-March/000650.html
http://www.attrition.org/pipermail/vim/2006-March/000651.html
http://www.securityfocus.com/archive/1/428737 Exploit
http://www.securityfocus.com/bid/17226 Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/25483
http://secunia.com/advisories/19403
http://www.attrition.org/pipermail/vim/2006-March/000650.html
http://www.attrition.org/pipermail/vim/2006-March/000651.html
http://www.securityfocus.com/archive/1/428737 Exploit
http://www.securityfocus.com/bid/17226 Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/25483
Configurations

Configuration 1 (hide)

cpe:2.3:a:vihor:vihordesign:*:*:*:*:*:*:*:*
History

21 Nov 2024, 00:09

Type Values Removed Values Added
References () http://secunia.com/advisories/19403 - () http://secunia.com/advisories/19403 -
References () http://www.attrition.org/pipermail/vim/2006-March/000650.html - () http://www.attrition.org/pipermail/vim/2006-March/000650.html -
References () http://www.attrition.org/pipermail/vim/2006-March/000651.html - () http://www.attrition.org/pipermail/vim/2006-March/000651.html -
References () http://www.securityfocus.com/archive/1/428737 - Exploit () http://www.securityfocus.com/archive/1/428737 - Exploit
References () http://www.securityfocus.com/bid/17226 - Exploit () http://www.securityfocus.com/bid/17226 - Exploit
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/25483 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/25483 -
Information

Published : 2006-03-30 00:06

Updated : 2024-11-21 00:09

NVD link : CVE-2006-1496

Mitre link : CVE-2006-1496

CVE.ORG link : CVE-2006-1496

JSON object : View

Products Affected

vihor

  • vihordesign
CWE
NVD-CWE-Other