Vulnerabilities > CVE-2006-0984 - Cross-Site Scripting vulnerability in EJ3 Topo 2.2.178
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in inc_header.php in EJ3 TOPo 2.2.178 allows remote attackers to inject arbitrary web script or HTML via the gTopNombre parameter. This vulnerability affects EJ3, TOPo version 2.2.178, and possibly all previous versions.
Exploit-Db
| description | EJ3 TOPo 2.2.178 Inc_header.PHP Cross-Site Scripting Vulnerability. CVE-2006-0984. Webapps exploit for php platform |
| id | EDB-ID:27336 |
| last seen | 2016-02-03 |
| modified | 2006-02-28 |
| published | 2006-02-28 |
| reporter | Yunus Emre Yilmaz |
| source | https://www.exploit-db.com/download/27336/ |
| title | EJ3 TOPo 2.2.178 Inc_header.PHP Cross-Site Scripting Vulnerability |
References
- http://secunia.com/advisories/19070
- http://securityreason.com/securityalert/511
- http://www.osvdb.org/23541
- http://www.securityfocus.com/archive/1/426318/100/0/threaded
- http://www.securityfocus.com/bid/16879
- http://www.vupen.com/english/advisories/2006/0775
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24980