CVE-2006-1144

Опубликовано: 10 мар. 2006

Источник: nvd

CVSS2: 2.6

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via (1) the user parameter in deleteuser.php and (2) the hits parameter in viewuser.php.

Ссылки

http://secunia.com/advisories/19155
Vendor Advisory
http://www.osvdb.org/23757
http://www.osvdb.org/23758
http://www.securityfocus.com/archive/1/426931/100/0/threaded
http://www.securityfocus.com/bid/17025
http://www.vupen.com/english/advisories/2006/0886
https://exchange.xforce.ibmcloud.com/vulnerabilities/25105
http://secunia.com/advisories/19155
Vendor Advisory
http://www.osvdb.org/23757
http://www.osvdb.org/23758
http://www.securityfocus.com/archive/1/426931/100/0/threaded
http://www.securityfocus.com/bid/17025
http://www.vupen.com/english/advisories/2006/0886
https://exchange.xforce.ibmcloud.com/vulnerabilities/25105

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:david_ravenscroft:hithost:1.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03305

Низкий

2.6 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-8f26-gfv3-vw59

github

почти 4 года назад