Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3519

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2006-3519
Last Modified 07 Mar 2011 09:38:50
Published 11 Jul 2006 07:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-3519

Summary

Multiple cross-site scripting (XSS) vulnerabilities in The Banner Engine (tbe) 4.0 allow remote attackers to execute arbitrary web script or HTML via the (1) text parameter in a search action to (a) top.php, and the (2) adminpass or (3) adminlogin parameter to (b) signup.php.

Vulnerable Systems

Application

  • Native Solutions The Banner Engine 4.0


References

VUPEN - ADV-2006-2656

BUGTRAQ - 20060703 TBE 4.0 XSS

SECTRACK - 1016432

SECUNIA - 20916

XF - tbe-signup-top-xss(27549)

BID - 18793

SREASON - 1204


Last Updated: 27 May 2016 10:43:02