Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2533

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2006-2533
Last Modified 07 Mar 2011 09:36:27
Published 22 May 2006 07:10:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-2533

Summary

Cross-site scripting (XSS) vulnerability in (1) addWeblog.php and (2) leaveComments.php in Destiney Rated Images Script 0.5.0 does not properly filter all vulnerable HTML tags, which allows remote attackers to inject arbitrary web script or HTML via Javascript in a DIV tag.

Vulnerable Systems

Application

  • Greg Donald Destiney Rated Images Script 0.5.0


References

VUPEN - ADV-2006-1927

BUGTRAQ - 20060521 Destiney Rated Images Script v0.5.0 - XSS Vulnv

XF - destineyris-multiple-xss(26605)

BID - 18070

BUGTRAQ - 20060526 Re: Destiney Rated Images Script v0.5.0 - XSS Vulnv

SREASON - 940

SECUNIA - 20249


Last Updated: 27 May 2016 10:42:39