CVE-2006-6082

Опубликовано: 24 нояб. 2006

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in CreaScripts Creadirectory allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to addlisting.asp or the (2) search parameter to search.asp.

Ссылки

http://s-a-p.ca/index.php?page=OurAdvisories&id=54
Exploit
Vendor Advisory
URL Repurposed
http://secunia.com/advisories/23067
Exploit
Vendor Advisory
http://securityreason.com/securityalert/1907
http://www.securityfocus.com/archive/1/452241/100/0/threaded
http://www.securityfocus.com/bid/21230
Exploit
http://www.vupen.com/english/advisories/2006/4665
https://exchange.xforce.ibmcloud.com/vulnerabilities/30473
http://s-a-p.ca/index.php?page=OurAdvisories&id=54
Exploit
Vendor Advisory
URL Repurposed
http://secunia.com/advisories/23067
Exploit
Vendor Advisory
http://securityreason.com/securityalert/1907
http://www.securityfocus.com/archive/1/452241/100/0/threaded
http://www.securityfocus.com/bid/21230
Exploit
http://www.vupen.com/english/advisories/2006/4665
https://exchange.xforce.ibmcloud.com/vulnerabilities/30473

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:creascripts:creadirectory:1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 84%

0.02207

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-jh7p-cmpq-rp5m

github

почти 4 года назад