Vulnerabilities > CVE-2006-1761 - Unspecified vulnerability in Blursoft Blur6Ex 0.3.462

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

blursoft

NVD

Published: 2006-04-13

Updated: 2024-11-21

Summary

Cross-site scripting vulnerability in index.php in blur6ex 0.3.452 allows remote attackers to inject arbitrary web script or HTML via the errormsg parameter, which is not sanitized in the error message. NOTE: the vector in the shard parameter is not XSS and has been assigned a separate name.

Vulnerable Configurations

Part	Description	Count
Application	Blursoft Blursoft Blur6Ex 0.3.462	1

References

http://www.attrition.org/pipermail/vim/2006-April/000691.html
http://www.attrition.org/pipermail/vim/2006-April/000691.html
http://www.securityfocus.com/archive/1/430607/100/0/threaded
http://www.securityfocus.com/archive/1/430607/100/0/threaded
http://www.securityfocus.com/archive/1/430885/100/0/threaded
http://www.securityfocus.com/archive/1/430885/100/0/threaded
http://www.securityfocus.com/bid/17465
http://www.securityfocus.com/bid/17465
https://exchange.xforce.ibmcloud.com/vulnerabilities/25757
https://exchange.xforce.ibmcloud.com/vulnerabilities/25757