Vulnerabilities > CVE-2006-2965 - Cross-Site Scripting vulnerability in Particle Soft Particle Whois 1.0.3

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

particle-soft

NVD

Published: 2006-06-12

Updated: 2018-10-18

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Particle Soft Particle Whois 1.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) the target parameter in index.php and (2) the "input box."

Vulnerable Configurations

Part	Description	Count
Application	Particle_Soft Particle Soft Particle Whois 1.0.3	1

References

http://secunia.com/advisories/20490
http://securityreason.com/securityalert/1071
http://www.securityfocus.com/archive/1/436113/100/0/threaded
http://www.vupen.com/english/advisories/2006/2168
https://exchange.xforce.ibmcloud.com/vulnerabilities/26954