PT-2006-3893 · Vscal+1 · Very Simple Car Lister+1

Published

2006-06-13

Updated

2018-10-18

CVE-2006-2986

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions very Simple Car Lister (vSCAL) version 1.0 very simple Realty Lister (vsREAL) version 1.0

Description The issue allows remote attackers to inject arbitrary web script or HTML. This can be achieved via the lid parameter in "index.php" or the title parameter in "myslideshow.php".

Recommendations For very Simple Car Lister (vSCAL) version 1.0, avoid using the lid parameter in "index.php" until the issue is resolved. For very simple Realty Lister (vsREAL) version 1.0, avoid using the title parameter in "myslideshow.php" until the issue is resolved.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-2986

Affected Products

Very Simple Car Lister

Very Simple Realty Lister

PT-2006-3893 · Vscal+1 · Very Simple Car Lister+1

CVE-2006-2986

Related Identifiers

Affected Products

References · 9