Xenis : Security Vulnerabilities
| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complex
ity
|
Authen
tication
|
Confiden
tiality
|
Integrity
|
Availa
bility
|
|
1 |
CVE-2006-5800 |
|
|
XSS |
2006-11-08 |
2008-09-05 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in default.asp in xenis.creator CMS allows remote attackers to inject arbitrary web script or HTML via the nav parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
|
2 |
CVE-2006-5799 |
|
|
XSS |
2006-11-08 |
2008-09-05 |
6.8 |
User |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple cross-site scripting (XSS) vulnerabilities in default.asp in xenis.creator CMS allow remote attackers to inject arbitrary web script or HTML via the (1) contid or (2) search parameters. |
|
3 |
CVE-2006-5798 |
|
|
Exec Code Sql |
2006-11-08 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in default.asp in Xenis.creator CMS allows remote attackers to execute arbitrary SQL commands via the contid parameter. |
|
4 |
CVE-2006-5797 |
|
|
Exec Code Sql |
2006-11-08 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple SQL injection vulnerabilities in default.asp in Xenis.creator CMS allow remote attackers to execute arbitrary SQL commands via the (1) nav, (2) s, or (3) print parameters. |
Total number of vulnerabilities :
4
Page :
1
(This Page)
