Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0649

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-0649
Last Modified 07 Mar 2011 09:30:30
Published 13 Feb 2006 06:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-0649

Summary

Cross-site scripting (XSS) vulnerability in DataparkSearch before 4.37 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Dataparksearch 4.16

  • Dataparksearch 4.17

  • Dataparksearch 4.18

  • Dataparksearch 4.19

  • Dataparksearch 4.20

  • Dataparksearch 4.21

  • Dataparksearch 4.22

  • Dataparksearch 4.23

  • Dataparksearch 4.24

  • Dataparksearch 4.25

  • Dataparksearch 4.26

  • Dataparksearch 4.27

  • Dataparksearch 4.28

  • Dataparksearch 4.29

  • Dataparksearch 4.30

  • Dataparksearch 4.31

  • Dataparksearch 4.32

  • Dataparksearch 4.33

  • Dataparksearch 4.34

  • Dataparksearch 4.35

  • Dataparksearch 4.36


References

SECUNIA - 18751

VUPEN - ADV-2006-0488

CONFIRM - http://www.dataparksearch.org/ChangeLog

XF - dataparksearch-scripts-xss(24627)

BID - 16572


Last Updated: 27 May 2016 10:41:44