CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-2641

** UNVERIFIABLE ** NOTE: this issue does not contain any verifiable or actionable details. Cross-site scripting (XSS) vulnerability in John Frank Asset Manager (AssetMan) 2.4a and earlier allows remote attackers to inject arbitrary web script or HTML via "any of its input." NOTE: the original disclosure is based on vague researcher claims without vendor acknowledgement; therefore this identifier cannot be linked with any future identifier that identifies more specific vectors. Perhaps this should not be included in CVE.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.2%

CVSS Severity

CVSS v2 Score 5.8

References

http://secunia.com/advisories/20285
http://securityreason.com/securityalert/979
http://www.securityfocus.com/archive/1/435139/100/0/threaded
http://www.securityfocus.com/bid/18131
http://www.vupen.com/english/advisories/2006/2023
https://exchange.xforce.ibmcloud.com/vulnerabilities/26702
http://secunia.com/advisories/20285
http://securityreason.com/securityalert/979
http://www.securityfocus.com/archive/1/435139/100/0/threaded
http://www.securityfocus.com/bid/18131
http://www.vupen.com/english/advisories/2006/2023
https://exchange.xforce.ibmcloud.com/vulnerabilities/26702

Products affected by CVE-2006-2641

John Frank » Asset Manager » Version: 2.4a

cpe:2.3:a:john_frank:asset_manager:2.4a

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-2641

Products

Pricing

Contact Us