Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.8
CVSSv2

CVE-2006-1960

Published: 21/04/2006 Updated: 18/10/2018
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
VMScore: 585
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N
Subscribe to Wireless Lan Solution Engine

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in the appliance web user interface in Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express prior to 2.13 allows remote malicious users to inject arbitrary web script or HTML, possibly via the displayMsg parameter to archiveApplyDisplay.jsp, aka bug ID CSCsc01095.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco wireless lan solution engine 2.0

cisco wireless lan solution engine 2.1

cisco wireless lan solution engine 2.10

cisco wireless lan solution engine 2.13

cisco wireless lan solution engine 2.2

cisco wireless lan solution engine 2.5

cisco wireless lan solution engine 2.6

cisco wireless lan solution engine 2.11

cisco wireless lan solution engine 2.12

cisco wireless lan solution engine 2.3

cisco wireless lan solution engine 2.4

cisco wireless lan solution engine 2.7

cisco wireless lan solution engine 2.8

cisco wireless lan solution engine 2.9

Vendor Advisories

Cisco: Multiple Vulnerabilities in the WLSE Appliance
There are two vulnerabilities that exist in the CiscoWorks Wireless LAN Solution Engine (WLSE) The first is a cross site scripting (XSS) vulnerability that may allow an attacker to gain administrative privileges on the system The second is a local privilege escalation vulnerability that can be used by an attacker who already has authentic ...

Exploits

Exploit DB: Cisco Wireless Lan Solution Engine - ArchiveApplyDisplay.jsp Cross-Site Scripting
source: wwwsecurityfocuscom/bid/17604/info CiscoWorks Wireless LAN Solution Engine (WLSE) is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affe ...

References

NVD-CWE-Otherhttp://www.cisco.com/warp/public/707/cisco-sa-20060419-wlse.shtmlhttp://securitytracker.com/id?1015965http://secunia.com/advisories/19736http://www.assurance.com.au/advisories/200604-cisco.txthttp://www.securityfocus.com/bid/17604http://www.osvdb.org/24812http://www.vupen.com/english/advisories/2006/1434https://exchange.xforce.ibmcloud.com/vulnerabilities/25883http://www.securityfocus.com/archive/1/431371/30/5490/threadedhttp://www.securityfocus.com/archive/1/431367/30/5490/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/27684/http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20060419-wlse
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook