Vulnerabilities > CVE-2006-4737 - Input Validation vulnerability in Jetbox CMS 2.1Sr1

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
jetbox

Summary

SQL injection vulnerability in index.php in Jetbox CMS allows remote attackers to inject arbitrary web script or HTML via the item parameter. NOTE: The view vector is already covered by CVE-2006-3586.2.

Vulnerable Configurations

Part Description Count
Application
Jetbox
1