Vulnerabilities > CVE-2006-1413 - Unspecified vulnerability in Htmljunction Ezhomepagepro

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
htmljunction
exploit available

Summary

Multiple cross-site scripting (XSS) vulnerabilities in EZHomepagePro 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) adid or (2) aname parameter in (a) common/email.asp, (b) users/users_search.asp, or (c) users/users_profiles.asp; (3) page parameter in (d) users/users_calendar.asp; (4) usid parameter in (e) users/users_mgallery.asp; or (5) m parameter in (f) users/users_search.asp.

Vulnerable Configurations

Part Description Count
Application
Htmljunction
1

Exploit-Db

  • descriptionEZHomePagePro 1.5 users_mgallery.asp usid Parameter XSS. CVE-2006-1413. Webapps exploit for asp platform
    idEDB-ID:27473
    last seen2016-02-03
    modified2006-03-27
    published2006-03-27
    reporterr0t
    sourcehttps://www.exploit-db.com/download/27473/
    titleEZHomePagePro 1.5 users_mgallery.asp usid Parameter XSS
  • descriptionEZHomePagePro 1.5 users_calendar.asp page Parameter XSS. CVE-2006-1413. Webapps exploit for asp platform
    idEDB-ID:27471
    last seen2016-02-03
    modified2006-03-27
    published2006-03-27
    reporterr0t
    sourcehttps://www.exploit-db.com/download/27471/
    titleEZHomePagePro 1.5 users_calendar.asp page Parameter XSS
  • descriptionEZHomePagePro 1.5 users_search.asp Multiple Parameter XSS. CVE-2006-1413. Webapps exploit for asp platform
    idEDB-ID:27470
    last seen2016-02-03
    modified2006-03-27
    published2006-03-27
    reporterr0t
    sourcehttps://www.exploit-db.com/download/27470/
    titleEZHomePagePro 1.5 users_search.asp Multiple Parameter XSS
  • descriptionEZHomePagePro 1.5 users_profiles.asp Multiple Parameter XSS. CVE-2006-1413. Webapps exploit for asp platform
    idEDB-ID:27472
    last seen2016-02-03
    modified2006-03-27
    published2006-03-27
    reporterr0t
    sourcehttps://www.exploit-db.com/download/27472/
    titleEZHomePagePro 1.5 users_profiles.asp Multiple Parameter XSS
  • descriptionEZHomePagePro 1.5 email.asp Multiple Parameter XSS. CVE-2006-1413. Webapps exploit for asp platform
    idEDB-ID:27469
    last seen2016-02-03
    modified2006-03-27
    published2006-03-27
    reporterr0t
    sourcehttps://www.exploit-db.com/download/27469/
    titleEZHomePagePro 1.5 email.asp Multiple Parameter XSS