Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1913

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2006-1913
Last Modified 07 Mar 2011 09:34:32
Published 20 Apr 2006 02:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-1913

Summary

Cross-site scripting (XSS) vulnerability in jax_guestbook.php in Jax Guestbook 3.1, 3.31, and 3.50 allows remote attackers to inject arbitrary web script or HTML via the page parameter.

Vulnerable Systems

Application

  • Jax Scripts Jax Guestbook 3.50


References

VUPEN - ADV-2006-1800

BID - 17560

SECUNIA - 16337

MISC - http://lostmon.blogspot.com/2005/08/jax-php-scripts-multiple.html

XF - jaxguestbook-admin-xss(26448)

OSVDB - 24991

SECUNIA - 20110

SECUNIA - 19843

MISC - http://kiki91.altervista.org/exploit/jax.txt


Last Updated: 27 May 2016 10:42:15