Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2751

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-2751
Last Modified 05 Sep 2008 05:05:20
Published 01 Jun 2006 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-2751

Summary

Cross-site scripting (XSS) vulnerability in Open Searchable Image Catalogue (OSIC) 0.7.0.1 and earlier allows remote attackers to inject arbitrary web scripts or HTML via the item_list parameter in search.php.

Vulnerable Systems

Application

  • Open Searchable Image Catalogue 0.7.0.0


References

BUGTRAQ - 20060530 Open Searchable Image Catalogue: XSS and SQL Injection Vulnerabilities

MISC - http://www.seclab.tuwien.ac.at/advisories/TUVSA-0605-001.txt

MISC - http://svn.sourceforge.net/viewcvs.cgi/osic-win/branches/osic_0-7/osic/search.php?view=markup&rev=477

MISC - http://sourceforge.net/forum/forum.php?forum_id=576483

XF - osic-search-xss(26965)

SREASON - 1014


Last Updated: 27 May 2016 10:42:44