CVE-2006-1404

Опубликовано: 28 мар. 2006

Источник: nvd

CVSS2: 5.8

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi in BlankOL 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) file or (2) function parameter.

Ссылки

http://pridels0.blogspot.com/2006/03/blankol-xss-vuln.html
http://secunia.com/advisories/19387
Vendor Advisory
http://www.osvdb.org/24124
http://www.securityfocus.com/bid/17265
http://www.vupen.com/english/advisories/2006/1111
https://exchange.xforce.ibmcloud.com/vulnerabilities/25488
http://pridels0.blogspot.com/2006/03/blankol-xss-vuln.html
http://secunia.com/advisories/19387
Vendor Advisory
http://www.osvdb.org/24124
http://www.securityfocus.com/bid/17265
http://www.vupen.com/english/advisories/2006/1111
https://exchange.xforce.ibmcloud.com/vulnerabilities/25488

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:industrial_imagination:blankol:*:*:*:*:*:*:*:*

Версия до 1 (включая)

EPSS

Процентиль: 76%

0.00973

Низкий

5.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-2m88-wjg8-77mw

github

почти 4 года назад