Vulnerabilities > CVE-2006-5071 - Unspecified vulnerability in Eyeos Project Eyeos
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN eyeos-project
nessus
Summary
Multiple cross-site scripting (XSS) vulnerabilities in eyeOS before 0.9.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) eyeNav and (2) system/baixar.php.
Vulnerable Configurations
Nessus
| NASL family | FreeBSD Local Security Checks |
| NASL id | FREEBSD_PKG_D35276634CCB11DBB48D00508D6A62DF.NASL |
| description | eyeOS team reports : [EyeOS 0.9.1] release fixes two XSS security bugs, so we recommend all users to upgrade to this new version in order to have the best security. These two bugs were discovered by Jose Carlos Norte, who is a new eyeOS developer. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 22455 |
| published | 2006-09-27 |
| reporter | This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/22455 |
| title | FreeBSD : eyeOS -- multiple XSS security bugs (d3527663-4ccb-11db-b48d-00508d6a62df) |
References
- http://eyeos.blogspot.com/2006/09/eyeos-091-released.html
- http://eyeos.blogspot.com/2006/09/eyeos-091-released.html
- http://secunia.com/advisories/22117
- http://secunia.com/advisories/22117
- http://sourceforge.net/project/shownotes.php?group_id=145027&release_id=450490
- http://sourceforge.net/project/shownotes.php?group_id=145027&release_id=450490
- http://www.securityfocus.com/bid/20213
- http://www.securityfocus.com/bid/20213
- http://www.vupen.com/english/advisories/2006/3780
- http://www.vupen.com/english/advisories/2006/3780
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29190
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29190