Vulnerabilities > CVE-2006-3037 - Cross-Site Scripting vulnerability in Site Trade ST Admanager Lite V1

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

high complexity

site-trade

NVD

Published: 2006-06-15

Updated: 2017-07-20

Summary

Multiple cross-site scripting (XSS) vulnerabilities in publish.php in ST AdManager Lite allow remote attackers to inject arbitrary web script or HTML via the (1) title, (2) description, (3) article, (4) bio, and (5) name parameters.

Vulnerable Configurations

Part	Description	Count
Application	Site_Trade Site Trade ST Admanager Lite V1	1

References

http://secunia.com/advisories/20598
http://www.securityfocus.com/archive/1/436657/30/0/threaded
http://www.vupen.com/english/advisories/2006/2303
https://exchange.xforce.ibmcloud.com/vulnerabilities/27161