Vulnerabilities > CVE-2006-0149 - Cross-Site Scripting vulnerability in Simpbook 1.0

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

simpbook

NVD

Published: 2006-01-09

Updated: 2008-09-05

Summary

Cross-site scripting (XSS) vulnerability in SimpBook 1.0, with html_enable on (the default), allows remote attackers to inject arbitrary web script or HTML via the message field.

Vulnerable Configurations

Part	Description	Count
Application	Simpbook Simpbook Simpbook 1.0	1

References

http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041127.html
http://securitytracker.com/id?1015451