Vulnerabilities > CVE-2006-1435 - Input Validation vulnerability in Accounting Receiving and Inventory Administration Aria 0.996

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
accounting-receiving-and-inventory-administration
exploit available
NVD
Published: 2006-04-03
Updated: 2017-07-20

Summary

Cross-site scripting (XSS) vulnerability in genmessage.php in Accounting Receiving and Inventory Administration (ARIA) 0.99-6 allows remote attackers to inject arbitrary web script or HTML via the Message Field (message parameter).

Vulnerable Configurations

Part Description Count
Application
Accounting_Receiving_And_Inventory_Administration
1

Exploit-Db

descriptionOZJournals 1.5 Multiple Input Validation Vulnerabilities. CVE-2006-1435. Webapps exploit for php platform
idEDB-ID:28325
last seen2016-02-03
modified2006-08-02
published2006-08-02
reporterLuny
sourcehttps://www.exploit-db.com/download/28325/
titleOZJournals 1.5 - Multiple Input Validation Vulnerabilities

References