Vulnerabilities > CVE-2006-0378 - Cross-Site Scripting vulnerability in Netrix X-Site Manager Product_Details.PHP
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
netrix
Summary
Cross-site scripting (XSS) vulnerability in Netrix X-Site Manager allows remote attackers to inject arbitrary web script or HTML via the product_id parameter, as originally demonstrated for a custom mp3players_details.php program. NOTE: the name of the affected program might be installation-dependent, but it has been identified as "product_details.php" by some sources.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |