Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1657

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-1657
Last Modified 07 Mar 2011 09:33:30
Published 07 Apr 2006 06:04:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-1657

Summary

Cross-site scripting (XSS) vulnerability in index.php in Chucky A. Ivey N.T. 1.1.0 allows remote attackers to inject arbitrary web script or HTML via the username parameter, which is not filtered when the administrator views the "Login Log" page.

Vulnerable Systems

Application

  • Chucky A. Ivey N.t. 1.1.0


References

VUPEN - ADV-2006-1243

SECUNIA - 19526

MISC - http://evuln.com/vulns/121/summary.html

XF - nt-index-xss(25638)

BID - 17387

BUGTRAQ - 20060419 [eVuln] N.T. Version 1.1.0 XSS and PHP Code Insertion Vulnerabilities

OSVDB - 24397

SREASON - 741


Last Updated: 27 May 2016 10:42:09