Multiple XSS Vulnerabilities in eyeOS by eyeOS
CVE-2006-5071

Currently unrated

Key Information:

Vendor: Eyeos Project
Status: Eyeos
Vendor: CVE Published:; 28 September 2006

🔔 Create Eyeos Project Vulnerability Alert

What is CVE-2006-5071?

Multiple Cross-Site Scripting (XSS) vulnerabilities exist in eyeOS versions earlier than 0.9.1, enabling remote attackers to inject arbitrary web scripts or HTML into the application. This exploitation can arise through unspecified vectors, notably through components like eyeNav and the system/baixar.php script, which could lead to unauthorized actions or data exposure for users interacting with the compromised application.

References

http://secunia.com/advisories/22117

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/20213

vdb-entryx_refsource_BID

http://eyeos.blogspot.com/2006/09/eyeos-091-released.html

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 28, 2006
Vulnerability Reserved
Sep 27, 2006

CVE-2006-5071 Data

JSON