Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0980

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-0980
Last Modified 07 Mar 2011 09:31:28
Published 03 Mar 2006 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-0980

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Jay Eckles CGI Calendar 2.7 allow remote attackers to inject arbitrary web script or HTML via the year parameter in (1) index.cgi and (2) viewday.cgi.

Vulnerable Systems

Application

  • Jay Eckles Cgi Calendar 2.7


References

VUPEN - ADV-2006-0764

BUGTRAQ - 20060226 CGI Calendar XSS Vulnerability

XF - cgicalendar-index-viewday-xss(24946)

SECUNIA - 19066


Last Updated: 27 May 2016 10:41:52