Vulnerabilities > CVE-2006-1580 - Cross-Site Scripting vulnerability in Bugzero
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 and other versions allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter in query.jsp and (2) entryId parameter in edit.jsp.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description Bugzero 4.3.1 edit.jsp Multiple Parameter XSS. CVE-2006-1580. Webapps exploit for jsp platform id EDB-ID:27559 last seen 2016-02-03 modified 2006-04-03 published 2006-04-03 reporter r0t source https://www.exploit-db.com/download/27559/ title Bugzero 4.3.1 edit.jsp Multiple Parameter XSS description Bugzero 4.3.1 query.jsp msg Parameter XSS. CVE-2006-1580. Webapps exploit for jsp platform id EDB-ID:27558 last seen 2016-02-03 modified 2006-04-03 published 2006-04-03 reporter r0t source https://www.exploit-db.com/download/27558/ title Bugzero 4.3.1 query.jsp msg Parameter XSS