Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1504

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-1504
Last Modified 07 Mar 2011 09:33:13
Published 29 Mar 2006 08:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-1504

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 (aka Arab Dynamic Portal or ADP) stable allow remote attackers to inject arbitrary web script or HTML via the title parameter in (1) online.php and (2) download.php.

Vulnerable Systems

Application

  • Arab Portal 2.0


References

VUPEN - ADV-2006-1150

BUGTRAQ - 20060328 ArabPortal 2.0 Stable CrossSiteScripting

SECUNIA - 19445

XF - arabportal-online-download-xss(25515)

BID - 17285

OSVDB - 24221

OSVDB - 24220

SREASON - 673


Last Updated: 27 May 2016 10:42:06