Vulnerabilities > CVE-2006-3765 - HTML Injection vulnerability in hdweGUEST
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
huttenlocher-webdesign
Summary
Multiple cross-site scripting (XSS) vulnerabilities in Huttenlocher Webdesign hwdeGUEST 2.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, as demonstrated by the "name input" field in new_entry.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |