Vulnerabilities > CVE-2006-3039 - Cross-Site Scripting vulnerability in Realty Home Rent

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

high complexity

cescripts

NVD

Published: 2006-06-15

Updated: 2018-10-18

Summary

Cross-site scripting (XSS) vulnerability in index.php in Cescripts Realty Home Rent allows remote attackers to inject arbitrary web script or HTML via the sel_menu parameter. NOTE: the vendor notified CVE on 20060823 that "All issues concerning this script and others at cescripts.com have been addressed and fixed."

Vulnerable Configurations

Part	Description	Count
Application	Cescripts Cescripts Realty Home Rent *	1

References

http://secunia.com/advisories/20584
http://www.attrition.org/pipermail/vim/2006-August/000983.html
http://www.securityfocus.com/archive/1/436805
http://www.securityfocus.com/archive/1/444136/100/0/threaded
http://www.vupen.com/english/advisories/2006/2343