Vulnerabilities > CVE-2006-3273 - HTML Injection vulnerability in Astrodog Press Some Chess 1.5Rc1

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

high complexity

astrodog-press

NVD

Published: 2006-06-28

Updated: 2018-10-18

Summary

Cross-site scripting (XSS) vulnerability in menu.php in Some Chess 1.5 rc1 allows remote attackers to inject arbitrary web script or HTML via the user parameter ("New Name" field).

Vulnerable Configurations

Part	Description	Count
Application	Astrodog_Press Astrodog Press Some Chess 1.5_Rc1	1

References

http://secunia.com/advisories/20770
http://securityreason.com/securityalert/1162
http://securitytracker.com/id?1016360
http://www.securityfocus.com/archive/1/438009/100/0/threaded
http://www.securityfocus.com/bid/18557
https://exchange.xforce.ibmcloud.com/vulnerabilities/27307