Published: 14/03/2006 Updated: 18/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in Jupiter Content Manager 1.1.5 and previous versions allows remote malicious users to inject arbitrary web script or HTML via a Javascript URI in the image BBcode tag.

Vulnerable Product	Search on Vulmon	Subscribe to Product
jupiter cms jupiter cms 1.1.4
jupiter cms jupiter cms

Jupiter CMS <= 115 multiple XSS attack vectors Discovered by: Nomenumbra/[0x4F4C] Date: 3/11/2006 impact:high (privilege escalation,site defacement) Jupiter CMS (wwwhighstrikenet/) is a dynamic CMS system like mambo or limbo, allowing users to subscribe and posts events Because no filtering is done upon [image] BBcode input, any u ...

NVD-CWE-Other http://www.securityfocus.com/bid/17072 http://secunia.com/advisories/19215 http://www.osvdb.org/23839 http://www.jupiterportal.com/index.php?n=modules/forum&a=3&d=11&o=5&q=313 http://securityreason.com/securityalert/572 http://www.vupen.com/english/advisories/2006/0942 https://exchange.xforce.ibmcloud.com/vulnerabilities/25241 http://www.securityfocus.com/archive/1/430903/100/0/threaded http://www.securityfocus.com/archive/1/427406/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/1576/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-1223

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect