Rigter Portal System (RPS) 1.0, 2.0, and 3.0 allows remote attackers to add arbitrary content and conduct XSS attacks via a direct request to add_art.php. NOTE: this issue was originally reported as SQL injection, but this is not likely.
References
| Link | Resource |
|---|---|
| http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048006.html | Exploit Vendor Advisory |
| http://securityreason.com/securityalert/2322 | |
| http://www.osvdb.org/28640 | Vendor Advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/39972 | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048006.html | Exploit Vendor Advisory |
| http://securityreason.com/securityalert/2322 | |
| http://www.osvdb.org/28640 | Vendor Advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/39972 |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:24
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048006.html - Exploit, Vendor Advisory | |
| References | () http://securityreason.com/securityalert/2322 - | |
| References | () http://www.osvdb.org/28640 - Vendor Advisory | |
| References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/39972 - |
Information
Published : 2007-03-02 21:18
Updated : 2024-11-21 00:24
NVD link : CVE-2006-7085
Mitre link : CVE-2006-7085
CVE.ORG link : CVE-2006-7085
JSON object : View
Products Affected
rigter_portal_system
- rigter_portal_system
CWE