Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0524

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-0524
Last Modified 05 Sep 2008 04:59:30
Published 02 Feb 2006 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-0524

Summary

Cross-site scripting (XSS) vulnerability in ashnews.php in Derek Ashauer ashNews 0.83 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

Vulnerable Systems

Application

  • Ashwebstudio Ashnews 0.83


References

XF - ashnews-ashnews-xss(24365)

BID - 16426

OSVDB - 22934

SECUNIA - 9331

FULLDISC - 20060131 Re: ashnews Cross-Site Scripting Vulnerability

FULLDISC - 20060130 Re: ashnews Cross-Site Scripting Vulnerability

FULLDISC - 20060130 ashnews Cross-Site Scripting Vulnerability


Last Updated: 27 May 2016 10:41:41