Vulnerabilities > CVE-2006-0073 - Unspecified vulnerability in Discusware Discus Freeware and Discus Professional
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN discusware
exploit available
Summary
Cross-site scripting (XSS) vulnerability in DiscusWare Discus Freeware 3.10.5 and Professional 3.10.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a URL, which is not properly sanitized from the resulting error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | DiscusWare Discus 3.10 Error Message Cross-Site Scripting Vulnerability. CVE-2006-0073 . Webapps exploit for cgi platform |
| id | EDB-ID:27021 |
| last seen | 2016-02-03 |
| modified | 2006-01-02 |
| published | 2006-01-02 |
| reporter | $um$id |
| source | https://www.exploit-db.com/download/27021/ |
| title | DiscusWare Discus 3.10 Error Message Cross-Site Scripting Vulnerability |