Vulnerabilities > CVE-2006-2306 - Cross-Site Scripting vulnerability in EPublisherPro Moreinfo.ASP

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
keyvan-janghorbani
critical
exploit available
NVD
Published: 2006-05-11
Updated: 2017-07-20

Summary

Cross-site scripting (XSS) vulnerability in moreinfo.asp in EPublisherPro allows remote attackers to inject arbitrary web script or HTML via the title parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part Description Count
Application
Keyvan_Janghorbani
1

Exploit-Db

descriptionEPublisherPro 0.9.7 Moreinfo.ASP Cross-Site Scripting Vulnerability. CVE-2006-2306 . Webapps exploit for asp platform
idEDB-ID:27844
last seen2016-02-03
modified2006-05-09
published2006-05-09
reporterDj_Eyes
sourcehttps://www.exploit-db.com/download/27844/
titleEPublisherPro 0.9.7 Moreinfo.ASP Cross-Site Scripting Vulnerability

References