CVE-2006-1486

Sažetak

Multiple cross-site scripting (XSS) vulnerabilities in index.cfm in realestateZONE 4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) bamin, (2) bemin, (3) pmin, and (4) state parameters.

Reference

http://pridels0.blogspot.com/2006/03/realestatezone-42-multiple-xss-vuln.html
http://secunia.com/advisories/19429
http://www.osvdb.org/24186
http://www.securityfocus.com/bid/17277
http://www.vupen.com/english/advisories/2006/1128
https://exchange.xforce.ibmcloud.com/vulnerabilities/25487

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

20-07-2017 - 01:30

Objavljeno

29-03-2006 - 02:02