Multiple cross-site scripting (XSS) vulnerabilities in CreaScripts Creadirectory allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to addlisting.asp or the (2) search parameter to search.asp.
References
| Link | Resource |
|---|---|
| http://s-a-p.ca/index.php?page=OurAdvisories&id=54 | Exploit Vendor Advisory URL Repurposed |
| http://secunia.com/advisories/23067 | Exploit Vendor Advisory |
| http://securityreason.com/securityalert/1907 | |
| http://www.securityfocus.com/archive/1/452241/100/0/threaded | |
| http://www.securityfocus.com/bid/21230 | Exploit |
| http://www.vupen.com/english/advisories/2006/4665 | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/30473 |
Configurations
History
No history.
Information
Published : 2006-11-24 18:07
Updated : 2024-02-14 01:17
NVD link : CVE-2006-6082
Mitre link : CVE-2006-6082
CVE.ORG link : CVE-2006-6082
JSON object : View
Products Affected
creascripts
- creadirectory
CWE