CVE-2006-3037

{"id": "CVE-2006-3037", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2006-06-15T10:02:00.000", "references": [{"url": "http://secunia.com/advisories/20598", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/436657/30/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/2303", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27161", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/20598", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/436657/30/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/2303", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27161", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in publish.php in ST AdManager Lite allow remote attackers to inject arbitrary web script or HTML via the (1) title, (2) description, (3) article, (4) bio, and (5) name parameters."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades cross-site scripting (XSS) en publish.php en ST AdManager Lite permite a atacantes remotos inyectar scripts web o HTML de forma arbitraria a trav\u00e9s de los par\u00e1metros (1) title, (2) description, (3) article, (4) bio, y (5) name."}], "lastModified": "2024-11-21T00:12:40.360", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:site_trade:st_admanager_lite:v1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7135FA28-3EDF-42F2-9DC8-089B71410895"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}