Vulnerabilities > CVE-2006-1580 - Unspecified vulnerability in Websina Bugzero
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN websina
exploit available
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 and other versions allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter in query.jsp and (2) entryId parameter in edit.jsp.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description Bugzero 4.3.1 edit.jsp Multiple Parameter XSS. CVE-2006-1580. Webapps exploit for jsp platform id EDB-ID:27559 last seen 2016-02-03 modified 2006-04-03 published 2006-04-03 reporter r0t source https://www.exploit-db.com/download/27559/ title Bugzero 4.3.1 edit.jsp Multiple Parameter XSS description Bugzero 4.3.1 query.jsp msg Parameter XSS. CVE-2006-1580. Webapps exploit for jsp platform id EDB-ID:27558 last seen 2016-02-03 modified 2006-04-03 published 2006-04-03 reporter r0t source https://www.exploit-db.com/download/27558/ title Bugzero 4.3.1 query.jsp msg Parameter XSS
References
- http://pridels0.blogspot.com/2006/04/bugzero-xss-vuln.html
- http://pridels0.blogspot.com/2006/04/bugzero-xss-vuln.html
- http://secunia.com/advisories/19492
- http://secunia.com/advisories/19492
- http://www.osvdb.org/24328
- http://www.osvdb.org/24328
- http://www.osvdb.org/24329
- http://www.osvdb.org/24329
- http://www.securityfocus.com/bid/17351
- http://www.securityfocus.com/bid/17351
- http://www.vupen.com/english/advisories/2006/1195
- http://www.vupen.com/english/advisories/2006/1195
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25601
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25601