CVE-2006-1504

Опубликовано: 30 мар. 2006

Источник: nvd

CVSS2: 5.1

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 (aka Arab Dynamic Portal or ADP) stable allow remote attackers to inject arbitrary web script or HTML via the title parameter in (1) online.php and (2) download.php.

Ссылки

http://secunia.com/advisories/19445
Exploit
Vendor Advisory
http://securityreason.com/securityalert/673
http://www.osvdb.org/24220
http://www.osvdb.org/24221
http://www.securityfocus.com/archive/1/429109/100/0/threaded
http://www.securityfocus.com/bid/17285
http://www.vupen.com/english/advisories/2006/1150
https://exchange.xforce.ibmcloud.com/vulnerabilities/25515
http://secunia.com/advisories/19445
Exploit
Vendor Advisory
http://securityreason.com/securityalert/673
http://www.osvdb.org/24220
http://www.osvdb.org/24221
http://www.securityfocus.com/archive/1/429109/100/0/threaded
http://www.securityfocus.com/bid/17285
http://www.vupen.com/english/advisories/2006/1150
https://exchange.xforce.ibmcloud.com/vulnerabilities/25515

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:arab_portal:arab_portal:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 87%

0.03222

Низкий

5.1 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-cfrw-j57x-7vmf

github

почти 4 года назад