CVE-2006-6153

Опубликовано: 28 нояб. 2006

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in vSpin.net Classified System 2004 allow remote attackers to inject arbitrary web script or HTML via (1) catname parameter to cat.asp or the (2) minprice parameter to search.asp.

Ссылки

http://s-a-p.ca/index.php?page=OurAdvisories&id=47
URL Repurposed
http://secunia.com/advisories/22987
Vendor Advisory
http://securityreason.com/securityalert/1926
http://securitytracker.com/id?1017259
http://www.securityfocus.com/archive/1/452179/100/100/threaded
http://www.securityfocus.com/bid/21190
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/30446
http://s-a-p.ca/index.php?page=OurAdvisories&id=47
URL Repurposed
http://secunia.com/advisories/22987
Vendor Advisory
http://securityreason.com/securityalert/1926
http://securitytracker.com/id?1017259
http://www.securityfocus.com/archive/1/452179/100/100/threaded
http://www.securityfocus.com/bid/21190
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/30446

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:vspin.net:classified_system:2004:*:*:*:*:*:*:*

EPSS

Процентиль: 83%

0.01898

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-6hqv-4hx8-gjg3

github

почти 4 года назад