Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2348

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2006-2348
Last Modified 07 Mar 2011 09:36:02
Published 12 May 2006 01:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-2348

Summary

Cross-site scripting (XSS) vulnerability in form_grupo.html in E-Business Designer (eBD) 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this issue might be resultant from SQL injection.

Vulnerable Systems

Application

  • Oasyssoft E-business Designer 3.1.4


References

VUPEN - ADV-2006-1784

BID - 17933

SECUNIA - 20071

FULLDISC - 20060511 Several flaws in e-business designer (eBD)

XF - ebd-formgrupo-xss(26475)

SREASON - 891


Last Updated: 27 May 2016 10:42:26