CVE

Id
19711  
CVE No.
CVE-2006-3607  
Status
Candidate  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Softbiz Banner Exchange Script (aka Banner Exchange Network Script) 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the city parameter in (a) insertmember.php, and (2) a PHPSESSID cookie in (b) lostpassword.php, (c) gen_confirm_mem.php, and (d) index.php.  
Phase
Assigned (20060714)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
178548 19711 CVE-2006-3607 BUGTRAQ:20060629 Softbiz Banner Exchange 1.0 XSS  View
178549 19711 CVE-2006-3607 URL:http://www.securityfocus.com/archive/1/archive/1/438705/100/200/threaded  View
178550 19711 CVE-2006-3607 MISC:http://ellsec.org/print.php?type=N&item_id=141  View
178551 19711 CVE-2006-3607 BID:18735  View
178552 19711 CVE-2006-3607 URL:http://www.securityfocus.com/bid/18735  View
178553 19711 CVE-2006-3607 XF:softbizbannerexchange-insertmember-xss(27460)  View
178554 19711 CVE-2006-3607 URL:http://xforce.iss.net/xforce/xfdb/27460  View
178555 19711 CVE-2006-3607 XF:softbizbannerexchange-multiple-xss(27461)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
60500 JVNDB-2006-002766 Orbitcoders OrbitMATRIX の index.php におけるクロスサイトスクリプティングの脆弱性 Orbitcoders OrbitMATRIX の index.php には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2006-3609 19711 4.3 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-002766.html  View