Vulnerabilities > CVE-2006-5060 - Cross-Site Scripting vulnerability in Jamroom 3.0.16

CVSS 5.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

high complexity

jamroom

exploit available

NVD

Published: 2006-09-28

Updated: 2018-10-17

Summary

Cross-site scripting (XSS) vulnerability in login.php in Jamroom 3.0.16 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the forgot parameter in the forgot mode.

Vulnerable Configurations

Part	Description	Count
Application	Jamroom Jamroom Jamroom 3.0.16	1

Exploit-Db

description	Jamroom 3.0.16 Login.php Cross-Site Scripting Vulnerability. CVE-2006-5060. Webapps exploit for palm_os platform
id	EDB-ID:28659
last seen	2016-02-03
modified	2006-09-24
published	2006-09-24
reporter	meto5757
source	https://www.exploit-db.com/download/28659/
title	Jamroom 3.0.16 Login.php Cross-Site Scripting Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References