Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2243

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2006-2243
Last Modified 05 Sep 2008 05:04:02
Published 09 May 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-2243

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Web4Future News Portal allow remote attackers to inject arbitrary web script or HTML via the ID parameter to (1) comentarii.php or (2) view.php. NOTE: this issue might be resultant from SQL injection.

Vulnerable Systems

Application

  • Web4future News Portal


References

SECTRACK - 1016027

XF - newsportal-comentarii-view-xss(26259)

OSVDB - 25288

OSVDB - 25287

SECUNIA - 17880


Last Updated: 27 May 2016 10:42:23