Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1612

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-1612
Last Modified 07 Mar 2011 09:33:25
Published 04 Apr 2006 06:04:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-1612

Summary

Multiple cross-site scripting (XSS) vulnerabilities in visview.php in aWebNews 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) yname, (2) emailadd, (3) subject, and (4) comment parameters.

Vulnerable Systems

Application

  • Aweb Labs Awebnews 1.0


References

VUPEN - ADV-2006-1196

SECUNIA - 19487

MISC - http://evuln.com/vulns/116/summary.html

XF - awebnews-visview-xss(25589)

BUGTRAQ - 20060414 [eVuln] aWebNews Multiple XSS and SQL Injection Vulnerabilities

OSVDB - 24333

SREASON - 707


Last Updated: 27 May 2016 10:42:09