1. CVE-Search
  2. CVE-2006-5661
ID CVE-2006-5661
Summary Cross-site scripting (XSS) vulnerability in nquser.php in VIRtech Netquery allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header.
References
Vulnerable Configurations
  • cpe:2.3:a:virtech:netquery:e107_edition:*:*:*:*:*:*:*
    cpe:2.3:a:virtech:netquery:e107_edition:*:*:*:*:*:*:*
  • cpe:2.3:a:virtech:netquery:postnuke_edition:*:*:*:*:*:*:*
    cpe:2.3:a:virtech:netquery:postnuke_edition:*:*:*:*:*:*:*
  • cpe:2.3:a:virtech:netquery:xaraya_edition:*:*:*:*:*:*:*
    cpe:2.3:a:virtech:netquery:xaraya_edition:*:*:*:*:*:*:*
  • cpe:2.3:a:virtech:netquery:xoops_edition:*:*:*:*:*:*:*
    cpe:2.3:a:virtech:netquery:xoops_edition:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 17-10-2018 - 21:44)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 20837
bugtraq
  • 20061101 Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech"
  • 20061111 Re: Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech"
confirm http://virtech.org/tools/
fulldisc 20061031 Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech"
misc http://www.zion-security.com/text/XSS_Vulnerability_VIRtechs_Netquery.txt
sectrack 1017147
secunia 22864
sreason 1807
vupen ADV-2006-4512
xf netquery-nquser-xss(29927)
Last major update 17-10-2018 - 21:44
Published 03-11-2006 - 00:07
Last modified 17-10-2018 - 21:44
Back to Top