CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-1122

Cross-site scripting (XSS) vulnerability in Default.asp in D2KBlog 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.021

EPSS Ranking 83.0%

CVSS Severity

CVSS v2 Score 6.8

References

http://secunia.com/advisories/19177
http://securityreason.com/securityalert/559
http://www.osvdb.org/23771
http://www.securityfocus.com/archive/1/427103/100/0/threaded
http://www.securityfocus.com/bid/17035
http://www.vupen.com/english/advisories/2006/0896
https://exchange.xforce.ibmcloud.com/vulnerabilities/25214
http://secunia.com/advisories/19177
http://securityreason.com/securityalert/559
http://www.osvdb.org/23771
http://www.securityfocus.com/archive/1/427103/100/0/threaded
http://www.securityfocus.com/bid/17035
http://www.vupen.com/english/advisories/2006/0896
https://exchange.xforce.ibmcloud.com/vulnerabilities/25214

Products affected by CVE-2006-1122

D2ksoft » D2kblog » Version: 1.0

cpe:2.3:a:d2ksoft:d2kblog:1.0
D2ksoft » D2kblog » Version: 1.0.1

cpe:2.3:a:d2ksoft:d2kblog:1.0.1
D2ksoft » D2kblog » Version: 1.0.2

cpe:2.3:a:d2ksoft:d2kblog:1.0.2
D2ksoft » D2kblog » Version: 1.0.3

cpe:2.3:a:d2ksoft:d2kblog:1.0.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-1122

Products

Pricing

Contact Us