Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2986

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-2986
Last Modified 07 Mar 2011 09:37:26
Published 12 Jun 2006 09:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-2986

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Baby Katie Media (a) very Simple Car Lister (vSCAL) 1.0 and (b) very simple Realty Lister (vsREAL) 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) lid parameter in index.php and the (2) title parameter in myslideshow.php.

Vulnerable Systems

Application

  • Baby Katie Media Very Simple Car Lister 1.0

  • Baby Katie Media Very Simple Realty Lister 1.0


References

VUPEN - ADV-2006-2238

BID - 18350

BUGTRAQ - 20060607 Babykatmedia.com scripts - vSCAL & vREAL - XSS Vulns

SECUNIA - 20533

XF - vscal-vsreal-index-myslideshow-xss(27095)

SREASON - 1084


Last Updated: 27 May 2016 10:42:50