CVE-2006-1504

Sažetak

Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 (aka Arab Dynamic Portal or ADP) stable allow remote attackers to inject arbitrary web script or HTML via the title parameter in (1) online.php and (2) download.php.

Reference

http://secunia.com/advisories/19445
http://securityreason.com/securityalert/673
http://www.osvdb.org/24220
http://www.osvdb.org/24221
http://www.securityfocus.com/archive/1/429109/100/0/threaded
http://www.securityfocus.com/bid/17285
http://www.vupen.com/english/advisories/2006/1150
https://exchange.xforce.ibmcloud.com/vulnerabilities/25515

CVSS

Base:	5.1
Impact:	6.4
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:H/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

18-10-2018 - 16:32

Objavljeno

30-03-2006 - 01:06