CVE-2006-5661

Cross-site scripting (XSS) vulnerability in nquser.php in VIRtech Netquery allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050462.html
http://secunia.com/advisories/22864
http://securityreason.com/securityalert/1807
http://securitytracker.com/id?1017147
http://virtech.org/tools/
http://www.securityfocus.com/archive/1/450270/100/0/threaded
http://www.securityfocus.com/archive/1/451350/100/100/threaded
http://www.securityfocus.com/bid/20837	Exploit
http://www.vupen.com/english/advisories/2006/4512
http://www.zion-security.com/text/XSS_Vulnerability_VIRtechs_Netquery.txt	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/29927
http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050462.html
http://secunia.com/advisories/22864
http://securityreason.com/securityalert/1807
http://securitytracker.com/id?1017147
http://virtech.org/tools/
http://www.securityfocus.com/archive/1/450270/100/0/threaded
http://www.securityfocus.com/archive/1/451350/100/100/threaded
http://www.securityfocus.com/bid/20837	Exploit
http://www.vupen.com/english/advisories/2006/4512
http://www.zion-security.com/text/XSS_Vulnerability_VIRtechs_Netquery.txt	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/29927

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:virtech:netquery:e107_edition:::::::*
	cpe:2.3:a:virtech:netquery:postnuke_edition:::::::*
	cpe:2.3:a:virtech:netquery:xaraya_edition:::::::*
	cpe:2.3:a:virtech:netquery:xoops_edition:::::::*

History

21 Nov 2024, 00:20

Type	Values Removed	Values Added
References	~~() http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050462.html -~~	() http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050462.html -
References	~~() http://secunia.com/advisories/22864 -~~	() http://secunia.com/advisories/22864 -
References	~~() http://securityreason.com/securityalert/1807 -~~	() http://securityreason.com/securityalert/1807 -
References	~~() http://securitytracker.com/id?1017147 -~~	() http://securitytracker.com/id?1017147 -
References	~~() http://virtech.org/tools/ -~~	() http://virtech.org/tools/ -
References	~~() http://www.securityfocus.com/archive/1/450270/100/0/threaded -~~	() http://www.securityfocus.com/archive/1/450270/100/0/threaded -
References	~~() http://www.securityfocus.com/archive/1/451350/100/100/threaded -~~	() http://www.securityfocus.com/archive/1/451350/100/100/threaded -
References	~~() http://www.securityfocus.com/bid/20837 - Exploit~~	() http://www.securityfocus.com/bid/20837 - Exploit
References	~~() http://www.vupen.com/english/advisories/2006/4512 -~~	() http://www.vupen.com/english/advisories/2006/4512 -
References	~~() http://www.zion-security.com/text/XSS_Vulnerability_VIRtechs_Netquery.txt - Exploit~~	() http://www.zion-security.com/text/XSS_Vulnerability_VIRtechs_Netquery.txt - Exploit
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/29927 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/29927 -

Information

Published : 2006-11-03 00:07

Updated : 2024-11-21 00:20

NVD link : CVE-2006-5661

Mitre link : CVE-2006-5661

CVE.ORG link : CVE-2006-5661

JSON object : View

Products Affected

virtech

netquery

CWE

NVD-CWE-Other

6.8 /10