CVE-2006-1144

Sažetak

Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via (1) the user parameter in deleteuser.php and (2) the hits parameter in viewuser.php.

Reference

http://secunia.com/advisories/19155
http://www.osvdb.org/23757
http://www.osvdb.org/23758
http://www.securityfocus.com/archive/1/426931/100/0/threaded
http://www.securityfocus.com/bid/17025
http://www.vupen.com/english/advisories/2006/0886
https://exchange.xforce.ibmcloud.com/vulnerabilities/25105

CVSS

Base:	2.6
Impact:	2.9
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:H/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

18-10-2018 - 16:30

Objavljeno

10-03-2006 - 11:02