Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3004

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-3004
Last Modified 07 Mar 2011 09:37:27
Published 12 Jun 2006 09:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-3004

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone Manager allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in player.php and (2) keyword parameter when performing a search.

Vulnerable Systems

Application

  • Scriptsez Ez Ringtone Manager


References

VUPEN - ADV-2006-2237

BID - 18340

BUGTRAQ - 20060608 Ez Ringtone Manager from scriptez.net - XSS

SECUNIA - 20530

XF - ezringtone-player-xss(27062)

SREASON - 1097


Last Updated: 27 May 2016 10:42:51