Vulnerabilities > CVE-2006-1431 - Cross-Site Scripting vulnerability in Fusionzone Couponzone 4.2

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
fusionzone
exploit available
NVD
Published: 2006-03-28
Updated: 2017-07-20

Summary

Cross-site scripting (XSS) vulnerability in local.cfm in fusionZONE couponZONE 4.2 allows remote attackers to inject arbitrary web script or HTML via URL-encoded (1) srchfor and (2) srchby parameters.

Vulnerable Configurations

Part Description Count
Application
Fusionzone
1

Exploit-Db

descriptionFusionZONE CouponZONE 4.2 Multiple Cross-Site Scripting Vulnerabilities. CVE-2006-1431. Webapps exploit for cfm platform
idEDB-ID:27489
last seen2016-02-03
modified2006-03-28
published2006-03-28
reporterr0t
sourcehttps://www.exploit-db.com/download/27489/
titleFusionZONE CouponZONE 4.2 - Multiple Cross-Site Scripting Vulnerabilities

References