CVE-2006-1699

Sažetak

Cross-site scripting (XSS) vulnerability in index.php in Aweb Banner Generator 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the banner parameter in view mode.

Reference

http://secunia.com/advisories/19621
http://securitytracker.com/id?1015877
http://www.securityfocus.com/bid/17416
http://www.vupen.com/english/advisories/2006/1348
https://exchange.xforce.ibmcloud.com/vulnerabilities/25782

CVSS

Base:	2.6
Impact:	2.9
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:H/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

20-07-2017 - 01:30

Objavljeno

11-04-2006 - 10:02