Vulnerabilities > CVE-2006-2536 - HTML Injection vulnerability in Greg Donald Destiney Links Script 2.1.2
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE network
greg-donald
Summary
Cross-site scripting (XSS) vulnerability in Destiney Links Script 2.1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) "Search" (term parameter in index.php) and (2) "Add a Site" (add.php) fields.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |