ID |
CVE-2006-2572
|
Summary |
Cross-site scripting (XSS) vulnerability in index.php in DGBook 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) homepage, (3) email, and (4) address parameters. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 2.6 (as of 19-10-2018 - 15:46) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
HIGH |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
PARTIAL |
NONE |
|
cvss-vector
via4
|
AV:N/AC:H/Au:N/C:N/I:P/A:N
|
refmap
via4
|
bid | 18310 | bugtraq | - 20060523 DGbook v1.0 - XSS
- 20060609 Re: DGbook v1.0 - XSS
| osvdb | 25732 | secunia | 20201 | sreason | 948 | vupen | ADV-2006-1942 | xf | dgbook-index-xss(26629) |
|
Last major update |
19-10-2018 - 15:46 |
Published |
24-05-2006 - 23:02 |
Last modified |
19-10-2018 - 15:46 |