Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3237

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2006-3237
Last Modified 07 Mar 2011 09:38:09
Published 27 Jun 2006 06:05:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-3237

Summary

Cross-site scripting (XSS) vulnerability in index.php in Enterprise Groupware System (EGS) 1.2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the module parameter.

Vulnerable Systems

Application

  • Senokian Solutions Enterprise Groupware Systems 1.0

  • Senokian Solutions Enterprise Groupware Systems 1.0 Rc1

  • Senokian Solutions Enterprise Groupware Systems 1.0 Rc2

  • Senokian Solutions Enterprise Groupware Systems 1.0 Rc3

  • Senokian Solutions Enterprise Groupware Systems 1.0 Rc4

  • Senokian Solutions Enterprise Groupware Systems 1.0 Rc5

  • Senokian Solutions Enterprise Groupware Systems 1.01

  • Senokian Solutions Enterprise Groupware Systems 1.1

  • Senokian Solutions Enterprise Groupware Systems 1.1.1

  • Senokian Solutions Enterprise Groupware Systems 1.1.2

  • Senokian Solutions Enterprise Groupware Systems 1.2

  • Senokian Solutions Enterprise Groupware Systems 1.2.1

  • Senokian Solutions Enterprise Groupware Systems 1.2.2

  • Senokian Solutions Enterprise Groupware Systems 1.2.3

  • Senokian Solutions Enterprise Groupware Systems 1.2.4


References

XF - egs-index-xss(27282)

VUPEN - ADV-2006-2483

BID - 18590

SECTRACK - 1016358

SECUNIA - 20757

MISC - http://pridels0.blogspot.com/2006/06/enterprise-groupware-system-xss-vuln.html


Last Updated: 27 May 2016 10:42:56