admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2006/CVE-2006-13xx/CVE-2006-1336.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

135 lines
3.7 KiB
JSON
Raw Blame History

{
"id": "CVE-2006-1336",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-03-21T02:06:00.000",
"lastModified": "2024-11-21T00:08:36.733",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in calendar.php in ExtCalendar 1.0 and possibly other versions before 2.0 allows remote attackers to inject arbitrary web script or HTML via the (1) year, (2) month, (3) next, and (4) prev parameters."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:extcalendar:extcalendar:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00F36EFE-7143-4642-8EAE-22C275CA4234"
}
]
}
]
}
],
"references": [
{
"url": "http://secunia.com/advisories/19321",
"source": "cve@mitre.org"
},
{
"url": "http://securityreason.com/securityalert/601",
"source": "cve@mitre.org"
},
{
"url": "http://www.osvdb.org/23969",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/428131/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/17146",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "http://www.vupen.com/english/advisories/2006/1012",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25350",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/19321",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://securityreason.com/securityalert/601",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.osvdb.org/23969",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/archive/1/428131/100/0/threaded",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/17146",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
},
{
"url": "http://www.vupen.com/english/advisories/2006/1012",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25350",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
],
"evaluatorSolution": "This issue is reportedly addressed in ExtCalendar 2.0. Symantec has not confirmed this fix. Affected users are advised to contact the vendor for further information."
}
Reference in New Issue View Git Blame Copy Permalink