CVE-2006-5830

Scores

EPSS

0.000none0.0%

0%20%40%60%80%100%

Percentile: 0.0%

CVSS

6.8medium2.0

0246810

CVSS Score: 6.8/10

All CVSS Scores

CVSS 2.0

6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Description

Multiple cross-site scripting (XSS) vulnerabilities in All In One Control Panel (AIOCP) 1.3.007 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) topid, (2) forid, and (3) catid parameters to code/cp_forum_view.php; (4) choosed_language parameter to cp_dpage.php; (5) orderdir parameter to cp_links_search.php; (6) order_field parameter to (a) cp_show_ec_products.php and (b) cp_users_online.php; and the (7) signature and (8) fiscal code fields in the user profile.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.

Learn more about Scaner-VS 7

Sources

nvd

Exploits

Exploit ID: 28917

Source: exploitdb

URL: https://www.exploit-db.com/exploits/28917

Exploit ID: 28918

Source: exploitdb

URL: https://www.exploit-db.com/exploits/28918

Exploit ID: 28919

Source: exploitdb

URL: https://www.exploit-db.com/exploits/28919

Exploit ID: 28920

Source: exploitdb

URL: https://www.exploit-db.com/exploits/28920

Exploit ID: 28921

Source: exploitdb

URL: https://www.exploit-db.com/exploits/28921

Vulnerable Software (1)

Type: Configuration

Vendor: aiocp

Product: aiocp

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:aiocp:aiocp:1.3.000:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:aiocp:aiocp:1.3.001:*:*:*:*:*:*:*",      "...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:aiocp:aiocp:1.3.000:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:aiocp:aiocp:1.3.001:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:aiocp:aiocp:1.3.002:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:aiocp:aiocp:1.3.003:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:aiocp:aiocp:1.3.004:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:aiocp:aiocp:1.3.005:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:aiocp:aiocp:1.3.006:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:aiocp:aiocp:1.3.007:*:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Russian Vulnerability Scanner Database

CVE-2006-5830

Scores

EPSS

CVSS

All CVSS Scores

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact

Description

Scaner-VS 7 — a modern vulnerability management solution

Sources

Exploits

Vulnerable Software (1)