Vulnerabilities > CVE-2006-4206 - Cross-Site Scripting vulnerability in Aspplayground.Net 2.4.5
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in calendar.asp in ASPPlayground.NET Forum Advanced Edition 2.4.5 Unicode, and possibly other versions before October 15, 2006, allows remote attackers to inject arbitrary web script or HTML via the calendarID parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | ASPPlayGround.NET Forum 2.4.5 Calendar.ASP Cross-Site Scripting Vulnerability. CVE-2006-4206. Webapps exploit for asp platform |
id | EDB-ID:28742 |
last seen | 2016-02-03 |
modified | 2006-10-27 |
published | 2006-10-27 |
reporter | MizoZ |
source | https://www.exploit-db.com/download/28742/ |
title | ASPPlayGround.NET Forum 2.4.5 Calendar.ASP Cross-Site Scripting Vulnerability |
Statements
contributor | Samuel Chou |
lastmodified | 2006-12-20 |
organization | ASPPlayground.NET |
statement | The issue has been fixed in the latest round of patch released on Oct 15, 2006. |