CVE

Id
21231  
CVE No.
CVE-2006-5127  
Status
Candidate  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ConPresso before 4.0.5a allow remote attackers to inject arbitrary web script or HTML via (1) the nr parameter in detail.php, (2) the msg parameter in db_mysql.inc.php, and (3) the pos parameter in index.php.  
Phase
Assigned (20061002)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
201844 21231 CVE-2006-5127 BUGTRAQ:20060929 [MajorSecurity Advisory #28]ConPresso CMS - Multiple Cross Site Scripting and SQL Injection Issues  View
201845 21231 CVE-2006-5127 URL:http://www.securityfocus.com/archive/1/archive/1/447358/100/0/threaded  View
201846 21231 CVE-2006-5127 MISC:http://www.majorsecurity.de/index_2.php?major_rls=major_rls28  View
201847 21231 CVE-2006-5127 CONFIRM:http://download.compresso.de/compresso-4.0.5a.zip  View
201848 21231 CVE-2006-5127 BID:20273  View
201849 21231 CVE-2006-5127 URL:http://www.securityfocus.com/bid/20273  View
201850 21231 CVE-2006-5127 VUPEN:ADV-2006-3868  View
201851 21231 CVE-2006-5127 URL:http://www.vupen.com/english/advisories/2006/3868  View
201852 21231 CVE-2006-5127 SECUNIA:22145  View
201853 21231 CVE-2006-5127 URL:http://secunia.com/advisories/22145  View
201854 21231 CVE-2006-5127 SREASON:1671  View
201855 21231 CVE-2006-5127 URL:http://securityreason.com/securityalert/1671  View
201856 21231 CVE-2006-5127 XF:conpressocms-multiple-scripts-xss(29272)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
60985 JVNDB-2006-003251 ph03y3nk JAF CMS におけるクロスサイトスクリプティングの脆弱性 ph03y3nk just another flat file (JAF) CMS は、name、email、title、date、ldate、および lname 変数に関する処理に不備があるため、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2006-5129 21231 6.8 http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-003251.html  View