Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1417

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-1417
Last Modified 13 Sep 2011 12:00:00
Published 28 Mar 2006 03:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-1417

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Caloris Planitia Online Quiz System (aka Web Quiz pro), possibly 1.0, allow remote attackers to inject arbitrary web script or HTML via the (1) exam parameter in prequiz.asp or (2) msg parameter in student.asp.

Vulnerable Systems

Application

  • Caloris Planitia Technologies Web Quiz Pro 1.0


References

XF - webquiz-multiple-xss(25431)

VUPEN - ADV-2006-1091

BID - 17255

OSVDB - 24130

OSVDB - 24129

SECUNIA - 19416

MISC - http://pridels0.blogspot.com/2006/03/web-quiz-pro-xss-vuln.html


Last Updated: 27 May 2016 10:42:02