Vulnerabilities > CVE-2006-4324 - Cross-Site Scripting vulnerability in Cityforfree Indexcity 1.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
cityforfree
Summary
Cross-site scripting (XSS) vulnerability in add_url2.php in CityForFree indexcity 1.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/49994/EV0135.txt |
id | PACKETSTORM:49994 |
last seen | 2016-12-05 |
published | 2006-09-14 |
reporter | Aliaksandr Hartsuyeu |
source | https://packetstormsecurity.com/files/49994/EV0135.txt.html |
title | EV0135.txt |