Vulnerabilities > CVE-2006-3769 - Cross-Site Scripting vulnerability in TOP XL TOP XL 1.0

047910
CVSS 2.6 - LOW
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
high complexity
top-xl

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Top XL 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pass and (2) pass2 parameters in (a) add.php or the (3) id parameter in (b) members/index.php. Successful exploitation requires that register_globals is enabled.

Vulnerable Configurations

Part Description Count
Application
Top_Xl
2