CVE-2006-2951
Summary
| CVE | CVE-2006-2951 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-06-12 20:06:00 UTC |
| Updated | 2018-10-18 16:44:00 UTC |
| Description | Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.10 and earlier allow remote attackers to inject arbitrary web script and HTML via the (1) Titlesitename or (2) sitename parameter to (a) header.php, (3) nuke_url parameter to (b) meta/meta.php, (4) forum parameter to (c) viewforum.php, (5) post_id, (6) forum, (7) topic, or (8) arbre parameter to (d) editpost.php, or (9) uname or (10) email parameter to (e) user.php. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 26293 | OSVDB | www.osvdb.org | |
| new.fr is available for purchase - Sedo.com | MISC | www.acid-root.new.fr | Exploit |
| 26294 | OSVDB | www.osvdb.org | |
| SecurityReason - NPDS <= 5.10 Local Inclusion, XSS, Full path disclosure | SREASON | securityreason.com | |
| 26296 | OSVDB | www.osvdb.org | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | Vendor Advisory |
| 26295 | OSVDB | www.osvdb.org | |
| 26292 | OSVDB | www.osvdb.org | |
| NPDS Local File Inclusion and Cross-Site Scripting Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | Exploit, Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| NPDS Multiple Input Validation Vulnerabilities | BID | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.