Multiple cross-site scripting (XSS) vulnerabilities in CyberBuild allow remote attackers to inject arbitrary web script or HTML via the (1) SessionID parameter to login.asp, (2) ProductIndex parameter to browse0.htm, (3) rowcolor parameter to result.asp, or (4) heading parameter to result.asp. NOTE: vectors 1 and 2 might be resultant from SQL injection.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2006-05-04T10:00:00
Updated: 2024-08-07T17:43:27.512Z
Reserved: 2006-05-03T00:00:00
Link: CVE-2006-2178
Vulnrichment
No data.
NVD
Status : Modified
Published: 2006-05-04T12:38:00.000
Modified: 2024-11-21T00:10:44.040
Link: CVE-2006-2178
Redhat
No data.