Vulnerabilities > CVE-2006-0073 - Cross-Site Scripting vulnerability in DiscusWare Discus Error Message

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
discusware
exploit available
NVD
Published: 2006-01-04
Updated: 2008-09-05

Summary

Cross-site scripting (XSS) vulnerability in DiscusWare Discus Freeware 3.10.5 and Professional 3.10.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in a URL, which is not properly sanitized from the resulting error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part Description Count
Application
Discusware
2

Exploit-Db

descriptionDiscusWare Discus 3.10 Error Message Cross-Site Scripting Vulnerability. CVE-2006-0073 . Webapps exploit for cgi platform
idEDB-ID:27021
last seen2016-02-03
modified2006-01-02
published2006-01-02
reporter$um$id
sourcehttps://www.exploit-db.com/download/27021/
titleDiscusWare Discus 3.10 Error Message Cross-Site Scripting Vulnerability

References