Vulnerabilities > CVE-2006-1842 - HTML Injection vulnerability in Cynical Games Shoutbook 1.1

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

high complexity

cynical-games

NVD

Published: 2006-04-19

Updated: 2018-10-18

Summary

Cross-site scripting (XSS) vulnerability in global.php in ShoutBOOK 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) NAME and (2) COMMENTS parameters.

Vulnerable Configurations

Part	Description	Count
Application	Cynical_Games Cynical Games Shoutbook 1.1	1

References

http://secunia.com/advisories/19704
http://securitytracker.com/id?1015958
http://www.securityfocus.com/archive/1/431130/100/0/threaded
http://www.securityfocus.com/bid/17548
http://www.vupen.com/english/advisories/2006/1385
https://exchange.xforce.ibmcloud.com/vulnerabilities/25862