CVE-2006-1687

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2006-1687
Cross-site scripting (XSS) vulnerability in APT-webshop-system 4.0 PRO, 3.0 BASIC, and 3.0 LIGHT allows remote attackers to inject arbitrary web script or HTML via the message parameter, probably involving the basket functionality.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://secunia.com/advisories/19592 Vendor Advisory
http://pridels0.blogspot.com/2006/04/apt-webshop-system-vuln.html
http://www.vupen.com/english/advisories/2006/1293
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apt:apt-webshop-system:4.0:*:pro:*:*:*:*:*
cpe:2.3:a:apt:apt-webshop-system:3.0:*:basic:*:*:*:*:*
cpe:2.3:a:apt:apt-webshop-system:3.0:*:light:*:*:*:*:*
Information

Published : 2006-04-10 17:02

Updated : 2011-03-07 18:33

NVD link : CVE-2006-1687

Mitre link : CVE-2006-1687

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

apt

  • apt-webshop-system