Vulnerabilities > CVE-2006-2963 - Cross-Site Scripting vulnerability in Cabacos Web Cms

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

it-direkt

NVD

Published: 2006-06-12

Updated: 2018-10-18

Summary

Cross-site scripting (XSS) vulnerability in Suchergebnisse.asp in Cabacos Web CMS 3.8.498 and earlier allows remote attackers to inject arbitrary web script or HTML via the suchtext parameter.

Vulnerable Configurations

Part	Description	Count
Application	It-Direkt IT Direkt Cabacos WEB CMS *	1

References

http://secunia.com/advisories/20583
http://securitytracker.com/id?1016276
http://www.majorsecurity.de/advisory/major_rls13.txt
http://www.securityfocus.com/archive/1/436704/100/200/threaded
http://www.vupen.com/english/advisories/2006/2277
https://exchange.xforce.ibmcloud.com/vulnerabilities/27063