CVE-2006-1486

Опубликовано: 29 мар. 2006

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in index.cfm in realestateZONE 4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) bamin, (2) bemin, (3) pmin, and (4) state parameters.

Ссылки

http://pridels0.blogspot.com/2006/03/realestatezone-42-multiple-xss-vuln.html
http://secunia.com/advisories/19429
Exploit
Vendor Advisory
http://www.osvdb.org/24186
http://www.securityfocus.com/bid/17277
Exploit
http://www.vupen.com/english/advisories/2006/1128
https://exchange.xforce.ibmcloud.com/vulnerabilities/25487
http://pridels0.blogspot.com/2006/03/realestatezone-42-multiple-xss-vuln.html
http://secunia.com/advisories/19429
Exploit
Vendor Advisory
http://www.osvdb.org/24186
http://www.securityfocus.com/bid/17277
Exploit
http://www.vupen.com/english/advisories/2006/1128
https://exchange.xforce.ibmcloud.com/vulnerabilities/25487

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:fusionzone:realestatezone:*:*:*:*:*:*:*:*

Версия до 4.2 (включая)

EPSS

Процентиль: 84%

0.02295

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-qf99-934v-7hwm

github

почти 4 года назад