{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-0507", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Easy CMS allow remote attackers to inject arbitrary web script or HTML via (1) unknown attack vectors in the administrative interface and (2) input fields of the contact form." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20060129 EasyCMS vulnerable to XSS injection.", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/423442/100/0/threaded" }, { "name": "ADV-2006-0385", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/0385" }, { "name": "20060208 Re: Re: EasyCMS vulnerable to XSS injection.", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/424431/100/0/threaded" }, { "name": "16430", "refsource": "BID", "url": "http://www.securityfocus.com/bid/16430" }, { "name": "20060131 Re: EasyCMS vulnerable to XSS injection.", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/423563/100/0/threaded" }, { "name": "18673", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18673" }, { "name": "easycms-xss(24371)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24371" } ] } }