Vulnerabilities > CVE-2006-6768 - Cross-Site Scripting vulnerability in The Classified Ad System

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
pwp-technologies
exploit available
NVD
Published: 2006-12-27
Updated: 2018-10-17

Summary

Multiple cross-site scripting (XSS) vulnerabilities in default.asp in PWP Technologies The Classified Ad System allow remote attackers to inject arbitrary web script or HTML via the (1) cat or (2) main parameter.

Vulnerable Configurations

Part Description Count
Application
Pwp_Technologies
1

Exploit-Db

descriptionThe Classified Ad System 3.0 default.asp Multiple Parameter XSS. CVE-2006-6768 . Webapps exploit for asp platform
idEDB-ID:29141
last seen2016-02-03
modified2006-11-20
published2006-11-20
reporterlaurent gaffie
sourcehttps://www.exploit-db.com/download/29141/
titleThe Classified Ad System 3.0 default.asp Multiple Parameter XSS

References