Vulnerabilities > CVE-2006-4324 - Cross-Site Scripting vulnerability in Cityforfree Indexcity 1.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
cityforfree
Summary
Cross-site scripting (XSS) vulnerability in add_url2.php in CityForFree indexcity 1.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/49994/EV0135.txt |
| id | PACKETSTORM:49994 |
| last seen | 2016-12-05 |
| published | 2006-09-14 |
| reporter | Aliaksandr Hartsuyeu |
| source | https://packetstormsecurity.com/files/49994/EV0135.txt.html |
| title | EV0135.txt |