Vulnerabilities > CVE-2006-4361 - Cross-Site Scripting vulnerability in Diesel Job Site

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

dieselscripts

NVD

Published: 2006-08-27

Updated: 2018-10-17

Summary

Multiple cross-site scripting (XSS) vulnerabilities in jobseekers/forgot.php in Diesel Job Site allow remote attackers to inject arbitrary web script or HTML via the (1) uname or (2) SEmail parameters.

Vulnerable Configurations

Part	Description	Count
Application	Dieselscripts Dieselscripts Diesel JOB Site *	1

References

http://secunia.com/advisories/21589
http://securityreason.com/securityalert/1453
http://www.osvdb.org/28073
http://www.securityfocus.com/archive/1/443926/100/0/threaded
http://www.vupen.com/english/advisories/2006/3345
https://exchange.xforce.ibmcloud.com/vulnerabilities/28494