Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Smarter Scripts IntelliLink Pro 5.06 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter in addlink_lwp.cgi and the (2) id, (3) forgotid, and (4) forgotpass parameters in edit.cgi.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Smarter Scripts | Intellilink Pro | 5.06 |
References
- http://pridels0.blogspot.com/2006/04/intellilink-pro-xss-vuln.html
- http://secunia.com/advisories/19701Vendor Advisory
- http://www.osvdb.org/24732
- http://www.osvdb.org/24733
- http://www.securityfocus.com/bid/17605Exploit
- http://www.vupen.com/english/advisories/2006/1409
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25929
- http://pridels0.blogspot.com/2006/04/intellilink-pro-xss-vuln.html
- http://secunia.com/advisories/19701Vendor Advisory
- http://www.osvdb.org/24732
- http://www.osvdb.org/24733
- http://www.securityfocus.com/bid/17605Exploit
- http://www.vupen.com/english/advisories/2006/1409
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25929
FAQ
What is CVE-2006-1943?
CVE-2006-1943 is a vulnerability with a CVSS score of 2.6 (LOW). Multiple cross-site scripting (XSS) vulnerabilities in Smarter Scripts IntelliLink Pro 5.06 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter in addli...
How severe is CVE-2006-1943?
CVE-2006-1943 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-1943?
Check the references section above for vendor advisories and patch information. Affected products include: Smarter Scripts Intellilink Pro.