Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3212

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-3212
Last Modified 07 Mar 2011 09:38:05
Published 23 Jun 2006 09:06:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-3212

Summary

Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook 1.3 and earlier allows remote attackers to inject web script or HTML via the (1) name, (2) email, (3) add, and (4) wName parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Systems

Application

  • Cjguestbook 1.2

  • Cjguestbook 1.3


References

VUPEN - ADV-2006-2488

BID - 18591

SECUNIA - 20751

XF - cjguestbook-posting-entry-xss(27326)


Last Updated: 27 May 2016 10:42:54