nvd-json-data-feeds/CVE-2006/CVE-2006-65xx/CVE-2006-6520.json

{
  "id": "CVE-2006-6520",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2006-12-14T01:28:00.000",
  "lastModified": "2018-10-17T21:49:05.753",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in Messageriescripthp 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) pseudo parameter to (a) existepseudo.php, the (2) email parameter to (b) existeemail.php, or the (3) pageName or (4) cssform parameter to (c) Contact/contact.php."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Messageriescripthp 2.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n mediante el (1) par\u00e1metro pseudo a (a) existepseudo.php, el (2) par\u00e1metro email a (b) existeemail.php, o los par\u00e1metros (3) pageName o (4) cssform a (c) Contact/contact.php."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": true,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:scriptphp:messageriescripthp:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "09698D48-2164-410A-8AE8-C98D9902BC17"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://securityreason.com/securityalert/2026",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/archive/1/453965/100/0/threaded",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/bid/21513",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ]
    },
    {
      "url": "http://www.vupen.com/english/advisories/2006/4939",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30819",
      "source": "cve@mitre.org"
    }
  ]
}
bootstrap 2023-04-24 12:24:31 +02:00			`{`
			`"id": "CVE-2006-6520",`
			`"sourceIdentifier": "cve@mitre.org",`
			`"published": "2006-12-14T01:28:00.000",`
			`"lastModified": "2018-10-17T21:49:05.753",`
			`"vulnStatus": "Modified",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "Multiple cross-site scripting (XSS) vulnerabilities in Messageriescripthp 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) pseudo parameter to (a) existepseudo.php, the (2) email parameter to (b) existeemail.php, or the (3) pageName or (4) cssform parameter to (c) Contact/contact.php."`
			`},`
			`{`
			`"lang": "es",`
			`"value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en Messageriescripthp 2.0 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n mediante el (1) par\u00e1metro pseudo a (a) existepseudo.php, el (2) par\u00e1metro email a (b) existeemail.php, o los par\u00e1metros (3) pageName o (4) cssform a (c) Contact/contact.php."`
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV2": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"cvssData": {`
			`"version": "2.0",`
			`"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",`
			`"accessVector": "NETWORK",`
			`"accessComplexity": "MEDIUM",`
			`"authentication": "NONE",`
			`"confidentialityImpact": "PARTIAL",`
			`"integrityImpact": "PARTIAL",`
			`"availabilityImpact": "PARTIAL",`
			`"baseScore": 6.8`
			`},`
			`"baseSeverity": "MEDIUM",`
			`"exploitabilityScore": 8.6,`
			`"impactScore": 6.4,`
			`"acInsufInfo": false,`
			`"obtainAllPrivilege": false,`
			`"obtainUserPrivilege": false,`
			`"obtainOtherPrivilege": true,`
			`"userInteractionRequired": false`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "nvd@nist.gov",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "NVD-CWE-Other"`
			`}`
			`]`
			`}`
			`],`
			`"configurations": [`
			`{`
			`"nodes": [`
			`{`
			`"operator": "OR",`
			`"negate": false,`
			`"cpeMatch": [`
			`{`
			`"vulnerable": true,`
			`"criteria": "cpe:2.3:a:scriptphp:messageriescripthp:2.0:::::::*",`
			`"matchCriteriaId": "09698D48-2164-410A-8AE8-C98D9902BC17"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "http://securityreason.com/securityalert/2026",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "http://www.securityfocus.com/archive/1/453965/100/0/threaded",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "http://www.securityfocus.com/bid/21513",`
			`"source": "cve@mitre.org",`
			`"tags": [`
			`"Exploit"`
			`]`
			`},`
			`{`
			`"url": "http://www.vupen.com/english/advisories/2006/4939",`
			`"source": "cve@mitre.org"`
			`},`
			`{`
			`"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30819",`
			`"source": "cve@mitre.org"`
			`}`
			`]`
			`}`