Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3333

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2006-3333
Last Modified 09 Oct 2008 01:19:37
Published 30 Jun 2006 07:05:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-3333

Summary

Cross-site scripting (XSS) vulnerability in index.php in Zorum Forum 3.5 allows remote attackers to inject web script or HTML via the multiple unspecified parameters, including the (1) frommethod, (2) list, and (3) method, which are reflected in an error message. NOTE: some of these vectors might be resultant from SQL injection.

Vulnerable Systems

Application

  • Phpoutsourcing Zorum 3.5


References

XF - zorum-forum-index-xss(19598)

MISC - http://pridels0.blogspot.com/2006/06/zorum-forum-35-vuln.html


Last Updated: 27 May 2016 10:42:58