Vulnerabilities > CVE-2006-0078 - HTML Injection vulnerability in Haddad Said B-Net Software 1.0

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

haddad-said

NVD

Published: 2006-01-04

Updated: 2018-10-19

Summary

Multiple cross-site scripting (XSS) vulnerabilities in B-net Software 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) shout variables to (a) shout.php, or the (3) title and (4) message variables to (b) guestbook.php.

Vulnerable Configurations

Part	Description	Count
Application	Haddad_Said Haddad Said B NET Software 1.0	1

References

http://evuln.com/vulns/10/summary.html
http://secunia.com/advisories/18271
http://securityreason.com/securityalert/316
http://sourceforge.net/project/shownotes.php?release_id=442067&group_id=117067
http://www.osvdb.org/22190
http://www.osvdb.org/22191
http://www.securityfocus.com/archive/1/420673/100/0/threaded
http://www.securityfocus.com/archive/1/444320/100/0/threaded
http://www.securityfocus.com/bid/16114
http://www.vupen.com/english/advisories/2006/0018