CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-1965

Multiple cross-site scripting (XSS) vulnerabilities in aasi media Net Clubs Pro 4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) onuser, (2) pass, (3) chatsys, (4) room, (5) username, and (6) to parameters in (a) sendim.cgi; the (7) username parameter in (b) imessage.cgi; the (8) password parameter in (c) login.cgi; and the (9) cat_id parameter in (d) viewcat.cgi.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.2%

CVSS Severity

CVSS v2 Score 5.8

References

http://pridels0.blogspot.com/2006/04/net-clubs-pro-xss-vuln.html
http://secunia.com/advisories/19651
http://www.osvdb.org/24754
http://www.osvdb.org/24755
http://www.osvdb.org/24756
http://www.osvdb.org/24757
http://www.securityfocus.com/bid/17622
http://www.vupen.com/english/advisories/2006/1436
https://exchange.xforce.ibmcloud.com/vulnerabilities/25957
http://pridels0.blogspot.com/2006/04/net-clubs-pro-xss-vuln.html
http://secunia.com/advisories/19651
http://www.osvdb.org/24754
http://www.osvdb.org/24755
http://www.osvdb.org/24756
http://www.osvdb.org/24757
http://www.securityfocus.com/bid/17622
http://www.vupen.com/english/advisories/2006/1436
https://exchange.xforce.ibmcloud.com/vulnerabilities/25957

Products affected by CVE-2006-1965

Aasi Media » Net Clubs Pro » Version: 4.0

cpe:2.3:a:aasi_media:net_clubs_pro:4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-1965

Products

Pricing

Contact Us