Vulnerabilities > CVE-2006-6518 - Unspecified vulnerability in Scriptphp Pronews 1.5
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN scriptphp
exploit available
Summary
Multiple cross-site scripting (XSS) vulnerabilities in ProNews 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) pseudo, (2) email, (3) date, (4) sujet, (5) message, (6) site, and (7) lien parameters to (a) admin/change.php, and the (8) aa parameter to (b) lire-avis.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description ProNews 1.5 admin/change.php Multiple Parameter XSS. CVE-2006-6518. Webapps exploit for php platform id EDB-ID:29267 last seen 2016-02-03 modified 2006-12-09 published 2006-12-09 reporter Mr_KaLiMaN source https://www.exploit-db.com/download/29267/ title ProNews 1.5 admin/change.php Multiple Parameter XSS description ProNews 1.5 lire-avis.php aa Parameter XSS. CVE-2006-6518 . Webapps exploit for php platform id EDB-ID:29269 last seen 2016-02-03 modified 2006-12-09 published 2006-12-09 reporter Mr_KaLiMaN source https://www.exploit-db.com/download/29269/ title ProNews 1.5 lire-avis.php aa Parameter XSS