Vulnerabilities > CVE-2006-2011 - Cross-Site Scripting vulnerability in 4Homepages 4Images 1.7

047910
CVSS 2.6 - LOW
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
high complexity
4homepages

Summary

Cross-site scripting (XSS) vulnerability in member.php in 4images 1.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the nickname, probably involving the user_name parameter in register.php.

Vulnerable Configurations

Part Description Count
Application
4Homepages
1