NVD

Id
61635  
Name
CVE-2006-2951  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.10 and earlier allow remote attackers to inject arbitrary web script and HTML via the (1) Titlesitename or (2) sitename parameter to (a) header.php, (3) nuke_url parameter to (b) meta/meta.php, (4) forum parameter to (c) viewforum.php, (5) post_id, (6) forum, (7) topic, or (8) arbre parameter to (d) editpost.php, or (9) uname or (10) email parameter to (e) user.php.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)  
Pub Date
2016-12-20  
Published
2006-06-12  
Modified Date
2011-09-13  
Seq
2006-2951  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
319064 61635 CVE-2006-2951 1076  View
319065 61635 CVE-2006-2951 http://www.acid-root.new.fr/advisories/npds510.txt  View
319066 61635 CVE-2006-2951 20060608 NPDS <= 5.10 Local Inclusion, XSS, Full path disclosure  View
319067 61635 CVE-2006-2951 18383  View
319068 61635 CVE-2006-2951 ADV-2006-2233  View
319069 61635 CVE-2006-2951 npds-multiple-scripts-xss(27123)  View

Related JVN