Vulnerabilities > CVE-2006-1899 - HTML Injection vulnerability in DEV Neuron Blog 1.1

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

high complexity

dev

NVD

Published: 2006-04-20

Updated: 2018-10-18

Summary

Multiple cross-site scripting (XSS) vulnerabilities in dev Neuron Blog 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) website parameters.

Vulnerable Configurations

Part	Description	Count
Application	Dev DEV Neuron Blog 1.1	1

References

http://secunia.com/advisories/19703
http://securitytracker.com/id?1015960
http://www.securityfocus.com/archive/1/431131/100/0/threaded
http://www.securityfocus.com/bid/17552
http://www.vupen.com/english/advisories/2006/1406
https://exchange.xforce.ibmcloud.com/vulnerabilities/25913