Vulnerabilities > CVE-2006-0941 - Input Validation vulnerability in Cynical Games Shoutlive 1.1.0

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

cynical-games

NVD

Published: 2006-03-01

Updated: 2018-10-18

Summary

Multiple cross-site scripting (XSS) vulnerabilities in post.php in ShoutLIVE 1.1.0 allow remote attackers to inject arbitrary web script or HTML via certain variables when posting new messages.

Vulnerable Configurations

Part	Description	Count
Application	Cynical_Games Cynical Games Shoutlive 1.1.0	1

Packetstorm

data source	https://packetstormsecurity.com/files/download/44492/EV0087.txt
id	PACKETSTORM:44492
last seen	2016-12-05
published	2006-03-09
reporter	Aliaksandr Hartsuyeu
source	https://packetstormsecurity.com/files/44492/EV0087.txt.html
title	EV0087.txt

References

http://evuln.com/vulns/87/summary.html
http://secunia.com/advisories/19047
http://securityreason.com/securityalert/557
http://www.osvdb.org/23483
http://www.securityfocus.com/archive/1/426985/100/0/threaded
http://www.securityfocus.com/bid/16857
http://www.vupen.com/english/advisories/2006/0755
https://exchange.xforce.ibmcloud.com/vulnerabilities/24901