Vulnerabilities > CVE-2006-1965 - Unspecified vulnerability in Aasi Media NET Clubs PRO 4.0

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
aasi-media
exploit available
NVD
Published: 2006-04-21
Updated: 2024-11-21

Summary

Multiple cross-site scripting (XSS) vulnerabilities in aasi media Net Clubs Pro 4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) onuser, (2) pass, (3) chatsys, (4) room, (5) username, and (6) to parameters in (a) sendim.cgi; the (7) username parameter in (b) imessage.cgi; the (8) password parameter in (c) login.cgi; and the (9) cat_id parameter in (d) viewcat.cgi.

Vulnerable Configurations

Part Description Count
Application
Aasi_Media
1

Exploit-Db

  • descriptionNet Clubs Pro 4.0 sendim.cgi Multiple Parameter XSS. CVE-2006-1965. Webapps exploit for cgi platform
    idEDB-ID:27695
    last seen2016-02-03
    modified2006-04-20
    published2006-04-20
    reporterr0t
    sourcehttps://www.exploit-db.com/download/27695/
    titleNet Clubs Pro 4.0 sendim.cgi Multiple Parameter XSS
  • descriptionNet Clubs Pro 4.0 login.cgi password Parameter XSS. CVE-2006-1965. Webapps exploit for cgi platform
    idEDB-ID:27697
    last seen2016-02-03
    modified2006-04-20
    published2006-04-20
    reporterr0t
    sourcehttps://www.exploit-db.com/download/27697/
    titleNet Clubs Pro 4.0 login.cgi password Parameter XSS
  • descriptionNet Clubs Pro 4.0 imessage.cgi username Parameter XSS. CVE-2006-1965. Webapps exploit for cgi platform
    idEDB-ID:27696
    last seen2016-02-03
    modified2006-04-20
    published2006-04-20
    reporterr0t
    sourcehttps://www.exploit-db.com/download/27696/
    titleNet Clubs Pro 4.0 imessage.cgi username Parameter XSS

References