CVE-2006-1417

Опубликовано: 28 мар. 2006

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Caloris Planitia Online Quiz System (aka Web Quiz pro), possibly 1.0, allow remote attackers to inject arbitrary web script or HTML via the (1) exam parameter in prequiz.asp or (2) msg parameter in student.asp.

Ссылки

http://pridels0.blogspot.com/2006/03/web-quiz-pro-xss-vuln.html
http://secunia.com/advisories/19416
Vendor Advisory
http://www.osvdb.org/24129
Exploit
http://www.osvdb.org/24130
Exploit
http://www.securityfocus.com/bid/17255
Exploit
http://www.vupen.com/english/advisories/2006/1091
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/25431
http://pridels0.blogspot.com/2006/03/web-quiz-pro-xss-vuln.html
http://secunia.com/advisories/19416
Vendor Advisory
http://www.osvdb.org/24129
Exploit
http://www.osvdb.org/24130
Exploit
http://www.securityfocus.com/bid/17255
Exploit
http://www.vupen.com/english/advisories/2006/1091
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/25431

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:caloris_planitia_technologies:web_quiz_pro:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 83%

0.02035

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-4p44-ffg8-7f9p

github

почти 4 года назад