Vulnerabilities > CVE-2006-1196 - Unspecified vulnerability in David Barrett Qwikiwiki 1.4/1.5/1.5.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN david-barrett
exploit available
Summary
Multiple cross-site scripting (XSS) vulnerabilities in QwikiWiki 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) from and (2) help parameters to (a) index.php; (3) action, (4) page, (5) debug, (6) help, (7) username, or (8) password parameters to (b) login.php; the (7) help parameter to (c) pageindex.php; or (8) help parameter to (d) recentchanges.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
description QwikiWiki 1.4/1.5 pageindex.php help Parameter XSS. CVE-2006-1196. Webapps exploit for php platform id EDB-ID:27411 last seen 2016-02-03 modified 2006-03-10 published 2006-03-10 reporter Kiki source https://www.exploit-db.com/download/27411/ title QwikiWiki 1.4/1.5 pageindex.php help Parameter XSS description QwikiWiki 1.4/1.5 recentchanges.php help Parameter XSS. CVE-2006-1196. Webapps exploit for php platform id EDB-ID:27412 last seen 2016-02-03 modified 2006-03-10 published 2006-03-10 reporter Kiki source https://www.exploit-db.com/download/27412/ title QwikiWiki 1.4/1.5 recentchanges.php help Parameter XSS description QwikiWiki 1.4/1.5 login.php Multiple Parameter XSS. CVE-2006-1196. Webapps exploit for php platform id EDB-ID:27410 last seen 2016-02-03 modified 2006-03-10 published 2006-03-10 reporter Kiki source https://www.exploit-db.com/download/27410/ title QwikiWiki 1.4/1.5 login.php Multiple Parameter XSS description QwikiWiki 1.4/1.5 index.php Multiple Parameter XSS. CVE-2006-1196. Webapps exploit for php platform id EDB-ID:27409 last seen 2016-02-03 modified 2006-03-10 published 2006-03-10 reporter Kiki source https://www.exploit-db.com/download/27409/ title QwikiWiki 1.4/1.5 index.php Multiple Parameter XSS
References
- http://kiki91.altervista.org/exploit/qwikiwiki_1.0.5_xss.txt
- http://kiki91.altervista.org/exploit/qwikiwiki_1.0.5_xss.txt
- http://secunia.com/advisories/19182
- http://secunia.com/advisories/19182
- http://www.osvdb.org/23786
- http://www.osvdb.org/23786
- http://www.osvdb.org/23787
- http://www.osvdb.org/23787
- http://www.osvdb.org/23788
- http://www.osvdb.org/23788
- http://www.osvdb.org/23789
- http://www.osvdb.org/23789
- http://www.securityfocus.com/bid/17064
- http://www.securityfocus.com/bid/17064
- http://www.vupen.com/english/advisories/2006/0910
- http://www.vupen.com/english/advisories/2006/0910
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25128
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25128