CVE-2006-0165

Published Jan 11, 2006

Last updated a month ago

CVSS info 4.3

Overview

Description: Cross-site scripting (XSS) vulnerability in the DataForm Entries functionality in Plain Black WebGUI before 6.8.4 (gamma) allows remote attackers to inject arbitrary Javascript via the (1) url and (2) name field of the default email form.
Source: cve@mitre.org
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:5.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B275581E-40C7-4C60-8579-ABE91C72A4F2"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.2.10_gamma:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D6A80D91-6829-4FD0-A237-0B736133FE3C"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.2.11_gamma:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20E4C682-8357-42A1-B05A-A67BE6491673"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.3.0_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DC7A15A-CC25-4246-8E20-6DD2835505A7"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.4.0_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B0BFA73-C127-4F3C-9264-9F7AF662EBF3"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.5.0_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "81A94D77-7CFD-45C7-97BC-99CB02461E19"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.5.1_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA19BEB3-B893-41E9-A136-981F06E85327"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.5.2_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "895A15BB-6CD4-436C-AD8F-CD63DF918342"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.5.3_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01E8CFA8-4C68-4569-8B35-13155709453F"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.5.4_gamma:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32CBB373-CEC4-44A0-9AC5-BCBED479E3CB"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.5.5_gamma:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27EB08FC-0D48-4AD8-AD38-3995B01007C9"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.5.6_gamma:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CCFAD6F9-34EF-4C12-AF2C-C8D4F7E31754"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.6.0_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70A7A54C-EB1E-41F7-91B9-F3DA5B3F3D8B"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.6.1_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "171B8F2A-4EB0-4A29-8F2E-6B073B1490CC"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.6.2_gamma:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72F897FC-CC83-43A6-8D40-3825FEC517BA"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.6.3_gamma:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF9CE5C0-DB9A-45CD-8C1C-26C664A79477"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.6.4_gamma:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C519572D-9CB8-40F1-A74D-D0246873DEBC"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEB72220-4AA2-4C30-B934-BBC0F72869C6"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.7.0_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E9073E8-E3B5-416C-8D9B-1943F67BDE25"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.7.1_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E99ADD3A-FE1D-4B67-9945-9CBB3D4BEBBE"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.7.2_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8EDBDCD-6BF0-4213-91D0-501D107DB512"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.7.3_gamma:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3236FC46-7E1E-49A1-8239-B67C03D47B4C"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.7.4_gamma:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AB7FE74-41AF-4E99-B808-A9349BED0575"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.7.5_gamma:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D646596-6247-4E58-B84F-7BD87B8B71DB"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.7.6_gamma:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "386BF292-8E87-4442-A4CF-A3A105ECBBBD"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.7.7_gamma:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C23D1DB6-6C4F-4C0A-A8EE-CB51E16F89A9"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.7.8_gamma:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "282EF8C4-E4D1-42FD-A56F-3FA3AB8EE6A2"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.8.1_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B79656F-BE0B-403B-8E2B-C384AEDF21C5"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.8.2_beta:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65DEC170-B84D-47B9-8A91-13374B8021FF"
          },
          {
            "criteria": "cpe:2.3:a:plain_black:webgui:6.8.3_gamma:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "382B4D87-4CE1-4E06-A6EC-4725FC209D8E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References