Vulnerabilities > CVE-2006-1233 - Unspecified vulnerability in Mikael Software Wmnews

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

mikael-software

exploit available

NVD

Published: 2006-03-14

Updated: 2024-11-21

Summary

Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow remote attackers to inject arbitrary web script or HTML via the (1) ArtCat parameter to wmview.php, (2) ctrrowcol parameter to footer.php, or (3) ArtID parameter to wmcomments.php.

Vulnerable Configurations

Part	Description	Count
Application	Mikael_Software Mikael Software Wmnews *	1

Exploit-Db

description	WMNews 0 wmcomments.php ArtID Parameter XSS. CVE-2006-1233. Webapps exploit for php platform
id	EDB-ID:27417
last seen	2016-02-03
modified	2006-03-10
published	2006-03-10
reporter	R00T3RR0R
source	https://www.exploit-db.com/download/27417/
title	WMNews - wmcomments.php ArtID Parameter XSS

description	WMNews 0 footer.php ctrrowcol Parameter XSS. CVE-2006-1233. Webapps exploit for php platform
id	EDB-ID:27416
last seen	2016-02-03
modified	2006-03-10
published	2006-03-10
reporter	R00T3RR0R
source	https://www.exploit-db.com/download/27416/
title	WMNews - footer.php ctrrowcol Parameter XSS

description	WMNews 0 wmview.php ArtCat Parameter XSS. CVE-2006-1233. Webapps exploit for php platform
id	EDB-ID:27415
last seen	2016-02-03
modified	2006-03-10
published	2006-03-10
reporter	R00T3RR0R
source	https://www.exploit-db.com/download/27415/
title	WMNews - wmview.php ArtCat Parameter XSS

Summary

Vulnerable Configurations

Exploit-Db

References