Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1889

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2006-1889
Last Modified 07 Mar 2011 09:34:30
Published 20 Apr 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-1889

Summary

Cross-site scripting (XSS) vulnerability in the search action handler in index.php in Nils Asmussen (aka SCRIPTSOLUTION) Boardsolution 1.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the "Search for" item (keyword parameter).

Vulnerable Systems

Application

  • Script-solution.de Boardsolution 1.12


References

VUPEN - ADV-2006-1413

BID - 17549

BUGTRAQ - 20060415 Boardsolution <= 1.12 XSS

XF - boardsolution-index-xss(25805)

SECTRACK - 1015948

SREASON - 766

SREASON - 718

SECUNIA - 19654


Last Updated: 27 May 2016 10:42:15