Vulnerabilities > CVE-2006-5529 - Input Validation vulnerability in Schoolalumni Portal Schoolalumni Portal 2.26

047910
CVSS 5.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
high complexity
schoolalumni-portal
exploit available
NVD
Published: 2006-10-26
Updated: 2008-09-05

Summary

Cross-site scripting (XSS) vulnerability in smumdadotcom_ascyb_alumni/mod.php in SchoolAlumni Portal 2.26 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a search operation in the katalog module. NOTE: some of these details are obtained from third party information.

Vulnerable Configurations

Part Description Count
Application
Schoolalumni_Portal
1

Exploit-Db

descriptionSchoolAlumni Portal 2.26 smumdadotcom_ascyb_alumni/mod.php katalog Module query Parameter XSS. CVE-2006-5529. Webapps exploit for php platform
idEDB-ID:28839
last seen2016-02-03
modified2006-10-23
published2006-10-23
reporterMP
sourcehttps://www.exploit-db.com/download/28839/
titleSchoolAlumni Portal 2.26 smumdadotcom_ascyb_alumni/mod.php katalog Module query Parameter XSS

References