Vulnerabilities > CVE-2006-5799 - Input Validation vulnerability in Xenis.creator CMS
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
xenis
Summary
Multiple cross-site scripting (XSS) vulnerabilities in default.asp in xenis.creator CMS allow remote attackers to inject arbitrary web script or HTML via the (1) contid or (2) search parameters.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://marc.info/?l=bugtraq&m=116266150514762&w=2
- http://secunia.com/advisories/22716
- http://securitytracker.com/id?1017162
- http://www.majorsecurity.de/index_2.php?major_rls=major_rls31
- http://www.securityfocus.com/bid/20908
- http://www.vupen.com/english/advisories/2006/4470
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30019