Vulnerabilities > CVE-2006-2986 - Cross-Site Scripting vulnerability in Baby Katie Media Very Simple CAR Lister and Very Simple Realty Lister

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
baby-katie-media
exploit available
NVD
Published: 2006-06-13
Updated: 2018-10-18

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Baby Katie Media (a) very Simple Car Lister (vSCAL) 1.0 and (b) very simple Realty Lister (vsREAL) 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) lid parameter in index.php and the (2) title parameter in myslideshow.php.

Vulnerable Configurations

Part Description Count
Application
Baby_Katie_Media
2

Exploit-Db

  • descriptionBaby Katie Media VSReal and VScal 1.0 index.php lid Parameter XSS. CVE-2006-2986. Webapps exploit for php platform
    idEDB-ID:27999
    last seen2016-02-03
    modified2006-06-09
    published2006-06-09
    reporterLuny
    sourcehttps://www.exploit-db.com/download/27999/
    titleBaby Katie Media VSReal and VScal 1.0 index.php lid Parameter XSS
  • descriptionBaby Katie Media VSReal and VScal 1.0 myslideshow.php title Parameter XSS. CVE-2006-2986. Webapps exploit for php platform
    idEDB-ID:28000
    last seen2016-02-03
    modified2006-06-09
    published2006-06-09
    reporterLuny
    sourcehttps://www.exploit-db.com/download/28000/
    titleBaby Katie Media VSReal and VScal 1.0 myslideshow.php title Parameter XSS

References