Vulnerabilities > CVE-2006-1640 - Input Validation vulnerability in Czaries Network Czarnews 1.14

047910
CVSS 2.6 - LOW
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
high complexity
czaries-network

Summary

Cross-site scripting (XSS) vulnerability in news.php in CzarNews 1.14 allows remote attackers to inject arbitrary web script or HTML via the email parameter.

Vulnerable Configurations

Part Description Count
Application
Czaries_Network
1