1. CVE-Search
  2. CVE-2006-1414
ID CVE-2006-1414
Summary Multiple cross-site scripting (XSS) vulnerabilities in toast.asp in Toast Forums 1.6 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) author, (2) subject, (3) message, or (4) dayprune parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:toast_forums:toast_forums:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:toast_forums:toast_forums:1.6:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 20-07-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bid 17249
misc http://pridels0.blogspot.com/2006/03/xss-in-toast-forums-16.html
osvdb 24119
secunia 19401
vupen ADV-2006-1092
xf toastforums-toast-xss(25440)
Last major update 20-07-2017 - 01:30
Published 28-03-2006 - 20:02
Last modified 20-07-2017 - 01:30
Back to Top