ID CVE-2006-1697
Summary Cross-site scripting (XSS) vulnerability in Matt Wright Guestbook 2.3.1 allows remote attackers to execute arbitrary web script or HTML via the (1) Your Name, (2) E-Mail, or (3) Comments fields when posting a message.
References
Vulnerable Configurations
  • cpe:2.3:a:matt_wright:matt_wright_guestbook:*:*:*:*:*:*:*:*
    cpe:2.3:a:matt_wright:matt_wright_guestbook:*:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 18-10-2018 - 16:33)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bid 17438
bugtraq 20060408 Matt Wright Guestbook Xss Script İnjection
misc http://liz0zim.no-ip.org/mattguestbook.html
osvdb 24479
secunia 19586
sreason 681
vupen ADV-2006-1287
xf guestbook-guestbook-parameters-xss(25697)
Last major update 18-10-2018 - 16:33
Published 11-04-2006 - 10:02
Last modified 18-10-2018 - 16:33
Back to Top