CVE-2006-1980

Опубликовано: 21 апр. 2006

Источник: nvd

CVSS2: 2.6

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the (1) query string, (2) SID parameter, or (3) ilang parameter.

Ссылки

http://pridels0.blogspot.com/2006/04/w2b-online-banking-vuln.html
http://secunia.com/advisories/19717
Vendor Advisory
http://www.osvdb.org/24759
http://www.securityfocus.com/bid/17626
Exploit
http://www.vupen.com/english/advisories/2006/1445
https://exchange.xforce.ibmcloud.com/vulnerabilities/25947
http://pridels0.blogspot.com/2006/04/w2b-online-banking-vuln.html
http://secunia.com/advisories/19717
Vendor Advisory
http://www.osvdb.org/24759
http://www.securityfocus.com/bid/17626
Exploit
http://www.vupen.com/english/advisories/2006/1445
https://exchange.xforce.ibmcloud.com/vulnerabilities/25947

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:w2b:online_banking:*:*:*:*:*:*:*:*

EPSS

Процентиль: 70%

0.00622

Низкий

2.6 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-6p92-3wv9-227w

github

почти 4 года назад