1. CVE-Search
  2. CVE-2006-1331
ID CVE-2006-1331
Summary Multiple cross-site scripting (XSS) vulnerabilities in index.php in Noah's Classifieds 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) method or (2) list parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:phpoutsourcing:noahs_classifieds:*:*:*:*:*:*:*:*
    cpe:2.3:a:phpoutsourcing:noahs_classifieds:*:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 20-07-2017 - 01:30)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 17151
bugtraq 20060320 Noah's Classifieds Multiple Path Disclosure and Cross Site Scripting Vulnerabilities
fulldisc 20060308 Noah's Classifieds Multiple Cross-Site Scripting Vulnerabilities
misc http://zone14.free.fr/advisories/1
xf
  • noahs-index-path-disclosure(25331)
  • noahs-index-xss(25099)
Last major update 20-07-2017 - 01:30
Published 21-03-2006 - 01:06
Last modified 20-07-2017 - 01:30
Back to Top