CVE-2006-2063 - Vulnerability Details

Vendors	Products
Leadhound Network	Leadhound Full Leadhound Lite

Source	ID	Title
EUVD	EUVD-2006-2064	Multiple cross-site scripting (XSS) vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version "Full Version", allow remote attackers to inject arbitrary web script or HTML via the login parameter in (1) agent_affil.pl, (2) agent_help.pl, (3) agent_faq.pl, (4) agent_help_insert.pl, (5) sign_out.pl, (6) members.pl, (7) modify_agent_1.pl, (8) modify_agent_2.pl, (9) modify_agent.pl, (10) agent_links.pl, (11) agent_stats_pending_leads.pl, (12) agent_logoff.pl, (13) agent_rev_det.pl, (14) agent_subaffiliates.pl, (15) agent_stats_pending_leads.pl, (16) agent_transactions.pl, (17) agent_payment_history.pl, (18) agent_summary.pl, (19) agent_camp_all.pl, (20) agent_camp_new.pl, (21) agent_camp_notsub.pl, (22) agent_campaign.pl, (23) agent_camp_expired.pl, (24) agent_stats_det.pl, (25) agent_stats.pl, (26) agent_camp_det.pl, (27) agent_camp_sub.pl, (28) agent_affil_list.pl, and (29) agent_affil_code.pl; the logged parameter in (30) agent_faq.pl, (31) agent_help_insert.pl, (32) members.pl, (33) modify_agent_1.pl, (34) modify_agent_2.pl, (35) modify_agent.pl, (36) agent_links.pl, (37) agent_subaffiliates.pl, (38) agent_stats_pending_leads.pl, (39) agent_transactions.pl, (40) agent_summary.pl, (41) agent_camp_all.pl, (42) agent_camp_new.pl, (43) agent_camp_notsub.pl, (44) agent_campaign.pl, (45) agent_camp_expired.pl, (46) agent_stats.pl, (47) agent_camp_det.pl, (48) agent_camp_sub.pl, (49) agent_affil_list.pl, and (50) agent_affil_code.pl; the camp_id parameter in (51) agent_links.pl, (52) agent_subaffiliates.pl, and (53) agent_camp_det.pl; the (54) banner parameter in agent_links.pl; the offset parameter in (55) agent_links.pl, (56) agent_subaffiliates.pl, (57) agent_transactions.pl, and (58) agent_summary.pl; the date parameter in (59) agent_subaffiliates.pl, (60) agent_transactions.pl, and (61) agent_summary.pl; the dates parameter in (62) agent_rev_det.pl and (63) agent_stats_det.pl; the (64) page parameter in agent_camp_det.pl; the (65) agent_id parameter in agent_commission_statement.pl; and the (66) lost password field in lost_pwd.pl.

Link	Providers
http://pridels0.blogspot.com/2006/04/leadhound-multiple-vuln.html
http://secunia.com/advisories/19867
http://www.osvdb.org/25030
http://www.osvdb.org/25031
http://www.osvdb.org/25032
http://www.osvdb.org/25033
http://www.osvdb.org/25034
http://www.osvdb.org/25035
http://www.osvdb.org/25036
http://www.osvdb.org/25037
http://www.osvdb.org/25038
http://www.osvdb.org/25039
http://www.osvdb.org/25041
http://www.osvdb.org/25042
http://www.osvdb.org/25043
http://www.osvdb.org/25044
http://www.osvdb.org/25045
http://www.osvdb.org/25046
http://www.osvdb.org/25047
http://www.osvdb.org/25048
http://www.osvdb.org/25049
http://www.osvdb.org/25050
http://www.osvdb.org/25051
http://www.osvdb.org/25052
http://www.osvdb.org/25053
http://www.osvdb.org/25054
http://www.osvdb.org/25055
http://www.osvdb.org/25056
http://www.osvdb.org/25057
http://www.osvdb.org/25058
http://www.osvdb.org/25059
http://www.osvdb.org/25060

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-04-18T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version \"Full Version\", allow remote attackers to inject arbitrary web script or HTML via the login parameter in (1) agent_affil.pl, (2) agent_help.pl, (3) agent_faq.pl, (4) agent_help_insert.pl, (5) sign_out.pl, (6) members.pl, (7) modify_agent_1.pl, (8) modify_agent_2.pl, (9) modify_agent.pl, (10) agent_links.pl, (11) agent_stats_pending_leads.pl, (12) agent_logoff.pl, (13) agent_rev_det.pl, (14) agent_subaffiliates.pl, (15) agent_stats_pending_leads.pl, (16) agent_transactions.pl, (17) agent_payment_history.pl, (18) agent_summary.pl, (19) agent_camp_all.pl, (20) agent_camp_new.pl, (21) agent_camp_notsub.pl, (22) agent_campaign.pl, (23) agent_camp_expired.pl, (24) agent_stats_det.pl, (25) agent_stats.pl, (26) agent_camp_det.pl, (27) agent_camp_sub.pl, (28) agent_affil_list.pl, and (29) agent_affil_code.pl; the logged parameter in (30) agent_faq.pl, (31) agent_help_insert.pl, (32) members.pl, (33) modify_agent_1.pl, (34) modify_agent_2.pl, (35) modify_agent.pl, (36) agent_links.pl, (37) agent_subaffiliates.pl, (38) agent_stats_pending_leads.pl, (39) agent_transactions.pl, (40) agent_summary.pl, (41) agent_camp_all.pl, (42) agent_camp_new.pl, (43) agent_camp_notsub.pl, (44) agent_campaign.pl, (45) agent_camp_expired.pl, (46) agent_stats.pl, (47) agent_camp_det.pl, (48) agent_camp_sub.pl, (49) agent_affil_list.pl, and (50) agent_affil_code.pl; the camp_id parameter in (51) agent_links.pl, (52) agent_subaffiliates.pl, and (53) agent_camp_det.pl; the (54) banner parameter in agent_links.pl; the offset parameter in (55) agent_links.pl, (56) agent_subaffiliates.pl, (57) agent_transactions.pl, and (58) agent_summary.pl; the date parameter in (59) agent_subaffiliates.pl, (60) agent_transactions.pl, and (61) agent_summary.pl; the dates parameter in (62) agent_rev_det.pl and (63) agent_stats_det.pl; the (64) page parameter in agent_camp_det.pl; the (65) agent_id parameter in agent_commission_statement.pl; and the (66) lost password field in lost_pwd.pl."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2006-05-02T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "25030", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25030"}, {"name": "25033", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25033"}, {"name": "25057", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25057"}, {"name": "25037", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25037"}, {"name": "25038", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25038"}, {"name": "25052", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25052"}, {"name": "25035", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25035"}, {"name": "25047", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25047"}, {"tags": ["x_refsource_MISC"], "url": "http://pridels0.blogspot.com/2006/04/leadhound-multiple-vuln.html"}, {"name": "25055", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25055"}, {"name": "25051", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25051"}, {"name": "25042", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25042"}, {"name": "25046", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25046"}, {"name": "25041", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25041"}, {"name": "25048", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25048"}, {"name": "25036", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25036"}, {"name": "25058", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25058"}, {"name": "25043", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25043"}, {"name": "19867", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19867"}, {"name": "25031", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25031"}, {"name": "25054", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25054"}, {"name": "25034", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25034"}, {"name": "25060", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25060"}, {"name": "25050", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25050"}, {"name": "25049", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25049"}, {"name": "25059", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25059"}, {"name": "25053", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25053"}, {"name": "25039", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25039"}, {"name": "25045", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25045"}, {"name": "25032", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25032"}, {"name": "25056", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25056"}, {"name": "25044", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/25044"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-2063", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version \"Full Version\", allow remote attackers to inject arbitrary web script or HTML via the login parameter in (1) agent_affil.pl, (2) agent_help.pl, (3) agent_faq.pl, (4) agent_help_insert.pl, (5) sign_out.pl, (6) members.pl, (7) modify_agent_1.pl, (8) modify_agent_2.pl, (9) modify_agent.pl, (10) agent_links.pl, (11) agent_stats_pending_leads.pl, (12) agent_logoff.pl, (13) agent_rev_det.pl, (14) agent_subaffiliates.pl, (15) agent_stats_pending_leads.pl, (16) agent_transactions.pl, (17) agent_payment_history.pl, (18) agent_summary.pl, (19) agent_camp_all.pl, (20) agent_camp_new.pl, (21) agent_camp_notsub.pl, (22) agent_campaign.pl, (23) agent_camp_expired.pl, (24) agent_stats_det.pl, (25) agent_stats.pl, (26) agent_camp_det.pl, (27) agent_camp_sub.pl, (28) agent_affil_list.pl, and (29) agent_affil_code.pl; the logged parameter in (30) agent_faq.pl, (31) agent_help_insert.pl, (32) members.pl, (33) modify_agent_1.pl, (34) modify_agent_2.pl, (35) modify_agent.pl, (36) agent_links.pl, (37) agent_subaffiliates.pl, (38) agent_stats_pending_leads.pl, (39) agent_transactions.pl, (40) agent_summary.pl, (41) agent_camp_all.pl, (42) agent_camp_new.pl, (43) agent_camp_notsub.pl, (44) agent_campaign.pl, (45) agent_camp_expired.pl, (46) agent_stats.pl, (47) agent_camp_det.pl, (48) agent_camp_sub.pl, (49) agent_affil_list.pl, and (50) agent_affil_code.pl; the camp_id parameter in (51) agent_links.pl, (52) agent_subaffiliates.pl, and (53) agent_camp_det.pl; the (54) banner parameter in agent_links.pl; the offset parameter in (55) agent_links.pl, (56) agent_subaffiliates.pl, (57) agent_transactions.pl, and (58) agent_summary.pl; the date parameter in (59) agent_subaffiliates.pl, (60) agent_transactions.pl, and (61) agent_summary.pl; the dates parameter in (62) agent_rev_det.pl and (63) agent_stats_det.pl; the (64) page parameter in agent_camp_det.pl; the (65) agent_id parameter in agent_commission_statement.pl; and the (66) lost password field in lost_pwd.pl."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "25030", "refsource": "OSVDB", "url": "http://www.osvdb.org/25030"}, {"name": "25033", "refsource": "OSVDB", "url": "http://www.osvdb.org/25033"}, {"name": "25057", "refsource": "OSVDB", "url": "http://www.osvdb.org/25057"}, {"name": "25037", "refsource": "OSVDB", "url": "http://www.osvdb.org/25037"}, {"name": "25038", "refsource": "OSVDB", "url": "http://www.osvdb.org/25038"}, {"name": "25052", "refsource": "OSVDB", "url": "http://www.osvdb.org/25052"}, {"name": "25035", "refsource": "OSVDB", "url": "http://www.osvdb.org/25035"}, {"name": "25047", "refsource": "OSVDB", "url": "http://www.osvdb.org/25047"}, {"name": "http://pridels0.blogspot.com/2006/04/leadhound-multiple-vuln.html", "refsource": "MISC", "url": "http://pridels0.blogspot.com/2006/04/leadhound-multiple-vuln.html"}, {"name": "25055", "refsource": "OSVDB", "url": "http://www.osvdb.org/25055"}, {"name": "25051", "refsource": "OSVDB", "url": "http://www.osvdb.org/25051"}, {"name": "25042", "refsource": "OSVDB", "url": "http://www.osvdb.org/25042"}, {"name": "25046", "refsource": "OSVDB", "url": "http://www.osvdb.org/25046"}, {"name": "25041", "refsource": "OSVDB", "url": "http://www.osvdb.org/25041"}, {"name": "25048", "refsource": "OSVDB", "url": "http://www.osvdb.org/25048"}, {"name": "25036", "refsource": "OSVDB", "url": "http://www.osvdb.org/25036"}, {"name": "25058", "refsource": "OSVDB", "url": "http://www.osvdb.org/25058"}, {"name": "25043", "refsource": "OSVDB", "url": "http://www.osvdb.org/25043"}, {"name": "19867", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19867"}, {"name": "25031", "refsource": "OSVDB", "url": "http://www.osvdb.org/25031"}, {"name": "25054", "refsource": "OSVDB", "url": "http://www.osvdb.org/25054"}, {"name": "25034", "refsource": "OSVDB", "url": "http://www.osvdb.org/25034"}, {"name": "25060", "refsource": "OSVDB", "url": "http://www.osvdb.org/25060"}, {"name": "25050", "refsource": "OSVDB", "url": "http://www.osvdb.org/25050"}, {"name": "25049", "refsource": "OSVDB", "url": "http://www.osvdb.org/25049"}, {"name": "25059", "refsource": "OSVDB", "url": "http://www.osvdb.org/25059"}, {"name": "25053", "refsource": "OSVDB", "url": "http://www.osvdb.org/25053"}, {"name": "25039", "refsource": "OSVDB", "url": "http://www.osvdb.org/25039"}, {"name": "25045", "refsource": "OSVDB", "url": "http://www.osvdb.org/25045"}, {"name": "25032", "refsource": "OSVDB", "url": "http://www.osvdb.org/25032"}, {"name": "25056", "refsource": "OSVDB", "url": "http://www.osvdb.org/25056"}, {"name": "25044", "refsource": "OSVDB", "url": "http://www.osvdb.org/25044"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T17:35:31.296Z"}, "title": "CVE Program Container", "references": [{"name": "25030", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25030"}, {"name": "25033", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25033"}, {"name": "25057", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25057"}, {"name": "25037", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25037"}, {"name": "25038", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25038"}, {"name": "25052", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25052"}, {"name": "25035", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25035"}, {"name": "25047", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25047"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://pridels0.blogspot.com/2006/04/leadhound-multiple-vuln.html"}, {"name": "25055", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25055"}, {"name": "25051", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25051"}, {"name": "25042", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25042"}, {"name": "25046", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25046"}, {"name": "25041", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25041"}, {"name": "25048", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25048"}, {"name": "25036", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25036"}, {"name": "25058", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25058"}, {"name": "25043", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25043"}, {"name": "19867", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19867"}, {"name": "25031", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25031"}, {"name": "25054", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25054"}, {"name": "25034", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25034"}, {"name": "25060", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25060"}, {"name": "25050", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25050"}, {"name": "25049", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25049"}, {"name": "25059", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25059"}, {"name": "25053", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25053"}, {"name": "25039", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25039"}, {"name": "25045", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25045"}, {"name": "25032", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25032"}, {"name": "25056", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25056"}, {"name": "25044", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/25044"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-2063", "datePublished": "2006-04-26T20:00:00", "dateReserved": "2006-04-26T00:00:00", "dateUpdated": "2024-08-07T17:35:31.296Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:leadhound_network:leadhound_full:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "7C83F713-2891-4701-8399-AF3579A4B8AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:leadhound_network:leadhound_full:2.1_network_version:*:*:*:*:*:*:*", "matchCriteriaId": "E3967028-7FE5-4788-AC23-D5460FA00109", "vulnerable": true}, {"criteria": "cpe:2.3:a:leadhound_network:leadhound_lite:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "AB97A3C6-635A-4577-8845-79A2459DFB60", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in Leadhound Full and LITE 2.1, and probably the Network Version \"Full Version\", allow remote attackers to inject arbitrary web script or HTML via the login parameter in (1) agent_affil.pl, (2) agent_help.pl, (3) agent_faq.pl, (4) agent_help_insert.pl, (5) sign_out.pl, (6) members.pl, (7) modify_agent_1.pl, (8) modify_agent_2.pl, (9) modify_agent.pl, (10) agent_links.pl, (11) agent_stats_pending_leads.pl, (12) agent_logoff.pl, (13) agent_rev_det.pl, (14) agent_subaffiliates.pl, (15) agent_stats_pending_leads.pl, (16) agent_transactions.pl, (17) agent_payment_history.pl, (18) agent_summary.pl, (19) agent_camp_all.pl, (20) agent_camp_new.pl, (21) agent_camp_notsub.pl, (22) agent_campaign.pl, (23) agent_camp_expired.pl, (24) agent_stats_det.pl, (25) agent_stats.pl, (26) agent_camp_det.pl, (27) agent_camp_sub.pl, (28) agent_affil_list.pl, and (29) agent_affil_code.pl; the logged parameter in (30) agent_faq.pl, (31) agent_help_insert.pl, (32) members.pl, (33) modify_agent_1.pl, (34) modify_agent_2.pl, (35) modify_agent.pl, (36) agent_links.pl, (37) agent_subaffiliates.pl, (38) agent_stats_pending_leads.pl, (39) agent_transactions.pl, (40) agent_summary.pl, (41) agent_camp_all.pl, (42) agent_camp_new.pl, (43) agent_camp_notsub.pl, (44) agent_campaign.pl, (45) agent_camp_expired.pl, (46) agent_stats.pl, (47) agent_camp_det.pl, (48) agent_camp_sub.pl, (49) agent_affil_list.pl, and (50) agent_affil_code.pl; the camp_id parameter in (51) agent_links.pl, (52) agent_subaffiliates.pl, and (53) agent_camp_det.pl; the (54) banner parameter in agent_links.pl; the offset parameter in (55) agent_links.pl, (56) agent_subaffiliates.pl, (57) agent_transactions.pl, and (58) agent_summary.pl; the date parameter in (59) agent_subaffiliates.pl, (60) agent_transactions.pl, and (61) agent_summary.pl; the dates parameter in (62) agent_rev_det.pl and (63) agent_stats_det.pl; the (64) page parameter in agent_camp_det.pl; the (65) agent_id parameter in agent_commission_statement.pl; and the (66) lost password field in lost_pwd.pl."}], "id": "CVE-2006-2063", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-04-26T20:06:00.000", "references": [{"source": "cve@mitre.org", "url": "http://pridels0.blogspot.com/2006/04/leadhound-multiple-vuln.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/19867"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25030"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25031"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25032"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25033"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/25034"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25035"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25036"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25037"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25038"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25039"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25041"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25042"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25043"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25044"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25045"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25046"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25047"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25048"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25049"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25050"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25051"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25052"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25053"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25054"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25055"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25056"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25057"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25058"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25059"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.osvdb.org/25060"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://pridels0.blogspot.com/2006/04/leadhound-multiple-vuln.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/19867"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25030"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25031"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25032"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25033"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/25034"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25035"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25036"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25037"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25038"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25039"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25041"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25042"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25043"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25044"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25045"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25046"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25047"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25048"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25049"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25050"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25051"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25052"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25053"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25054"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25055"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25056"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25057"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25058"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25059"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.osvdb.org/25060"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object