Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0829

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0829
Last Modified 07 Mar 2011 09:30:52
Published 21 Feb 2006 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0829

Summary

Cross-site scripting vulnerability in E-Blah Platinum 9.7 allows remote attackers to inject arbitrary web script or HTML via the referer (HTTP_REFERER), which is not sanitized when the log file is viewed by the administrator using "Click Log".

Vulnerable Systems

Application

  • E-blah Platinum 9.7


References

CONFIRM - http://www.eblah.com/forum/m-1140116897/

MISC - http://evuln.com/vulns/83/summary.html

VUPEN - ADV-2006-0638

BID - 16713

XF - eblah-httpreferer-xss(24777)

BUGTRAQ - 20060302 [eVuln] E-Blah Platinum 'Referer' XSS Vulnerability

OSVDB - 23299

SREASON - 528

SECUNIA - 18992


Last Updated: 27 May 2016 10:41:49