Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3051

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-3051
Last Modified 07 Mar 2011 09:37:31
Published 16 Jun 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-3051

Summary

Cross-site scripting (XSS) vulnerability in list.php in SixCMS 6.0, and other versions before 6.0.6patch2, allows remote attackers to inject arbitrary script code or HTML via the page parameter.

Vulnerable Systems

Application

  • Six Offene Systeme Gmbh Sixcms 6.0


References

VUPEN - ADV-2006-2386

BID - 18393

BUGTRAQ - 20060619 Re: [MajorSecurity #17] SixCMS <= 6 - Multiple XSS and directory traversal vulnerabilities

BUGTRAQ - 20060612 [MajorSecurity #17] SixCMS <= 6 - Multiple XSS and directory traversal vulnerabilities

MISC - http://www.majorsecurity.de/advisory/major_rls17.txt

SECTRACK - 1016282

SECUNIA - 20655

XF - sixcms-list-xss(27108)

SREASON - 1101


Last Updated: 27 May 2016 10:42:52