Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 06/09/2006 Updated: 17/10/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-site scripting (XSS) vulnerability in index.php in HLStats 1.34 allows remote malicious users to inject arbitrary web script or HTML via the (1) game parameter in players mode, the (2) weapon parameter in weaponinfo mode, the (3) st parameter in search mode, the (4) action parameter in actioninfo mode, and the (5) map parameter in mapinfo mode.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hlstats hlstats 1.34

source: wwwsecurityfocuscom/bid/19771/info HLstats is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied data Exploiting these issues may help an attacker steal cookie-based authentication credentials and launch other attacks Version 134 is reported vulnerable; ...

NVD-CWE-Other http://www.securityfocus.com/bid/19771 http://secunia.com/advisories/21635 http://securityreason.com/securityalert/1490 http://www.securityfocus.com/archive/1/444716/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/28446/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-4543

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect