Cross-site scripting (XSS) vulnerability in Default.aspx in Perpetual Motion Interactive Systems DotNetNuke before 3.3.5, and 4.x before 4.3.5, allows remote attackers to inject arbitrary HTML via the error parameter.
References
Link | Resource |
---|---|
http://secunia.com/advisories/22051 | |
http://www.dotnetnuke.com/About/WhatIsDotNetNuke/SecurityPolicy/SecurityBulletinno3/tabid/990/Default.aspx | Patch Vendor Advisory |
http://www.secureshapes.com/advisories/vuln20-09-2006.htm | Exploit Patch Vendor Advisory URL Repurposed |
http://www.securityfocus.com/bid/20117 | Exploit |
http://www.vupen.com/english/advisories/2006/3734 | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/29048 | |
http://secunia.com/advisories/22051 | |
http://www.dotnetnuke.com/About/WhatIsDotNetNuke/SecurityPolicy/SecurityBulletinno3/tabid/990/Default.aspx | Patch Vendor Advisory |
http://www.secureshapes.com/advisories/vuln20-09-2006.htm | Exploit Patch Vendor Advisory URL Repurposed |
http://www.securityfocus.com/bid/20117 | Exploit |
http://www.vupen.com/english/advisories/2006/3734 | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/29048 |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:17
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/22051 - | |
References | () http://www.dotnetnuke.com/About/WhatIsDotNetNuke/SecurityPolicy/SecurityBulletinno3/tabid/990/Default.aspx - Patch, Vendor Advisory | |
References | () http://www.secureshapes.com/advisories/vuln20-09-2006.htm - Exploit, Patch, Vendor Advisory, URL Repurposed | |
References | () http://www.securityfocus.com/bid/20117 - Exploit | |
References | () http://www.vupen.com/english/advisories/2006/3734 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/29048 - |
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://www.secureshapes.com/advisories/vuln20-09-2006.htm - Exploit, Patch, Vendor Advisory, URL Repurposed |
Information
Published : 2006-09-25 01:07
Updated : 2024-11-21 00:17
NVD link : CVE-2006-4973
Mitre link : CVE-2006-4973
CVE.ORG link : CVE-2006-4973
JSON object : View
Products Affected
dotnetnuke
- dotnetnuke
CWE