Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1637

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-1637
Last Modified 07 Mar 2011 09:33:28
Published 06 Apr 2006 06:04:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-1637

Summary

Multiple cross-site scripting (XSS) vulnerabilities in aWebBB 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) tname or (2) fpost parameters to (a) post.php; (3) fullname, (4) emailadd, (5) country, (6) sig, or (7) otherav parameters to (b) editac.php; or (8) fullname, (9) emailadd, or (10) country parameters to (c) register.php.

Vulnerable Systems

Application

  • Aweb Labs Awebbb 1.2


References

XF - awebbb-multiple-xss(25585)

VUPEN - ADV-2006-1197

BID - 17352

BUGTRAQ - 20060415 [eVuln] aWebBB Multiple XSS and SQL Injection Vulnerabilities

OSVDB - 24339

OSVDB - 24338

OSVDB - 24337

SECUNIA - 19486

MISC - http://evuln.com/vulns/117/summary.html


Last Updated: 27 May 2016 10:42:09