Vulnerabilities > CVE-2006-1850 - Unspecified vulnerability in Skymarx Solutions Xflow

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

skymarx-solutions

exploit available

NVD

Published: 2006-04-19

Updated: 2024-11-21

Summary

Multiple cross-site scripting (XSS) vulnerabilities in xFlow 5.46.11 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) level, (2) position, (3) id, and (4) action parameters to members_only/index.cgi, and the (5) page parameter to customer_area/index.cgi.

Vulnerable Configurations

Part	Description	Count
Application	Skymarx_Solutions Skymarx Solutions Xflow *	1

Exploit-Db

description	xFlow 5.46.11 index.cgi Multiple Parameter XSS. CVE-2006-1850. Webapps exploit for cgi platform
id	EDB-ID:27691
last seen	2016-02-03
modified	2006-04-19
published	2006-04-19
reporter	r0t
source	https://www.exploit-db.com/download/27691/
title	xFlow 5.46.11 index.cgi Multiple Parameter XSS

Summary

Vulnerable Configurations

Exploit-Db

References