Vulnerabilities > CVE-2006-2258 - Input Validation vulnerability in Maxxcode Maxxschedule 1.0

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

high complexity

maxxcode

NVD

Published: 2006-05-09

Updated: 2017-07-20

Summary

Cross-site scripting (XSS) vulnerability in Logon.asp in MaxxSchedule 1.0 allows remote attackers to inject arbitrary web script or HTML via the Error parameter.

Vulnerable Configurations

Part	Description	Count
Application	Maxxcode Maxxcode Maxxschedule 1.0	1

References

http://secunia.com/advisories/20039
http://securitytracker.com/id?1016093
http://www.osvdb.org/25446
http://www.securityfocus.com/bid/17892
http://www.vupen.com/english/advisories/2006/1700
https://exchange.xforce.ibmcloud.com/vulnerabilities/26310