Vulnerabilities > CVE-2006-2986 - Cross-Site Scripting vulnerability in Baby Katie Media Very Simple CAR Lister and Very Simple Realty Lister
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in Baby Katie Media (a) very Simple Car Lister (vSCAL) 1.0 and (b) very simple Realty Lister (vsREAL) 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) lid parameter in index.php and the (2) title parameter in myslideshow.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description Baby Katie Media VSReal and VScal 1.0 index.php lid Parameter XSS. CVE-2006-2986. Webapps exploit for php platform id EDB-ID:27999 last seen 2016-02-03 modified 2006-06-09 published 2006-06-09 reporter Luny source https://www.exploit-db.com/download/27999/ title Baby Katie Media VSReal and VScal 1.0 index.php lid Parameter XSS description Baby Katie Media VSReal and VScal 1.0 myslideshow.php title Parameter XSS. CVE-2006-2986. Webapps exploit for php platform id EDB-ID:28000 last seen 2016-02-03 modified 2006-06-09 published 2006-06-09 reporter Luny source https://www.exploit-db.com/download/28000/ title Baby Katie Media VSReal and VScal 1.0 myslideshow.php title Parameter XSS