CVE-2006-3585

Loading...

General

Score:4.3/10.0
Severity:Low
Category:N/A
Exploit:Available

Impact Metrics

Confidentiality:None
Integrity:Partial
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Published on 09/08/06 - Updated on 20/07/17

Description

Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS 2.1 SR1 allow remote attackers to inject arbitrary web script or HTML via the (1) login parameter in admin/cms/index.php, (2) unspecified parameters in the "Supply news" page in formmail.php, (3) the URL in the "Site statistics" page, and the (5) query_string parameter when performing a search.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2006-3585

Exploits

SecurityFocusBID-19303

Relative technologies

VendorProduct
jetboxjetbox_cms

Share this vulnerability with:

Twitter Facebook LinkedIn Mail