Vulnerabilities > CVE-2006-3620 - Input Validation vulnerability in Dream4 Koobi PRO 5.6

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

high complexity

dream4

exploit available

NVD

Published: 2006-07-18

Updated: 2018-10-18

Summary

Cross-site scripting (XSS) vulnerability in the showtopic module in Koobi Pro CMS 5.6 allows remote attackers to inject arbitrary web script or HTML via the toid parameter.

Vulnerable Configurations

Part	Description	Count
Application	Dream4 Dream4 Koobi PRO 5.6	1

Exploit-Db

description	Koobi Pro 5.6 showtopic Module toid Parameter XSS. CVE-2006-3620. Webapps exploit for php platform
id	EDB-ID:28218
last seen	2016-02-03
modified	2006-07-13
published	2006-07-13
reporter	Evampire chiristof
source	https://www.exploit-db.com/download/28218/
title	Koobi Pro 5.6 showtopic Module toid Parameter XSS

References

http://securitytracker.com/id?1016485
http://www.securityfocus.com/archive/1/443294/100/100/threaded
http://www.securityfocus.com/bid/18970
https://exchange.xforce.ibmcloud.com/vulnerabilities/27729