Vulnerabilities > CVE-2006-2497 - Cross-Site Scripting vulnerability in Aspbb 0.5.2
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in AspBB 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter to default.asp or (2) get parameter to profile.asp.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description ASPBB 0.5.2 default.asp action Parameter XSS. CVE-2006-2497. Webapps exploit for asp platform id EDB-ID:27896 last seen 2016-02-03 modified 2006-05-18 published 2006-05-18 reporter TeufeL source https://www.exploit-db.com/download/27896/ title ASPBB 0.5.2 default.asp action Parameter XSS description ASPBB 0.5.2 profile.asp get Parameter XSS. CVE-2006-2497. Webapps exploit for asp platform id EDB-ID:27897 last seen 2016-02-03 modified 2006-05-18 published 2006-05-18 reporter TeufeL source https://www.exploit-db.com/download/27897/ title ASPBB 0.5.2 profile.asp get Parameter XSS