Vulnerability Description
Cross-site scripting (XSS) vulnerability in the Pages module in Shadowed Portal allows remote attackers to inject arbitrary web script or HTML via the page parameter to load.php.
CVSS Score
2.6
LOW
AV:N/AC:H/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Shadowed Portal | Shadowed Portal | <= 5.7d2 |
References
- http://liz0zim.no-ip.org/shad0w.txtExploit
- http://secunia.com/advisories/19595ExploitVendor Advisory
- http://securityreason.com/securityalert/685
- http://www.securityfocus.com/archive/1/430376/100/0/threaded
- http://www.securityfocus.com/bid/17430
- http://www.vupen.com/english/advisories/2006/1286
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25716
- http://liz0zim.no-ip.org/shad0w.txtExploit
- http://secunia.com/advisories/19595ExploitVendor Advisory
- http://securityreason.com/securityalert/685
- http://www.securityfocus.com/archive/1/430376/100/0/threaded
- http://www.securityfocus.com/bid/17430
- http://www.vupen.com/english/advisories/2006/1286
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25716
FAQ
What is CVE-2006-1701?
CVE-2006-1701 is a vulnerability with a CVSS score of 2.6 (LOW). Cross-site scripting (XSS) vulnerability in the Pages module in Shadowed Portal allows remote attackers to inject arbitrary web script or HTML via the page parameter to load.php.
How severe is CVE-2006-1701?
CVE-2006-1701 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1701?
Check the references section above for vendor advisories and patch information. Affected products include: Shadowed Portal Shadowed Portal.