ID CVE-2006-3103
Summary Cross-site scripting (XSS) vulnerability in Bitweaver 1.3 allows remote attackers to inject arbitrary web script or HTML via the (1) error parameter in users/login.php and the (2) feedback parameter in articles/index.php.
References
Vulnerable Configurations
  • cpe:2.3:a:bitweaver:bitweaver:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:bitweaver:bitweaver:1.3:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 18-10-2018 - 16:45)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bugtraq 20060617 bitweaver <= v1.3 multiple vulnerabilities
confirm
misc http://retrogod.altervista.org/bitweaver_13_xpl.html
osvdb 26588
secunia 20695
sreason 1115
vupen ADV-2006-2405
xf bitweaver-index-xss(27213)
Last major update 18-10-2018 - 16:45
Published 21-06-2006 - 01:02
Last modified 18-10-2018 - 16:45
Back to Top