CVE-2006-1080
published 2006-03-09CVE-2006-1080: Cross-site scripting (XSS) vulnerability in login.php in Game-Panel 2.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the…
PriorityP418medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
1.87%
76.7th percentile
Cross-site scripting (XSS) vulnerability in login.php in Game-Panel 2.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter, possibly requiring a URL encoded value.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| game-panel | game-panel | — | — |
| game-panel | game-panel | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-q6hr-wg8v-2g7f: Cross-site scripting (XSS) vulnerability in login
ghsa_unreviewed·2022-05-01
CVE-2006-1080 [MEDIUM] GHSA-q6hr-wg8v-2g7f: Cross-site scripting (XSS) vulnerability in login
Cross-site scripting (XSS) vulnerability in login.php in Game-Panel 2.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter, possibly requiring a URL encoded value.
Red Hat
fastjar: directory traversal vulnerabilities
vendor_redhat·2010-06-06·CVSS 5.0
CVE-2010-0831 [MEDIUM] fastjar: directory traversal vulnerabilities
fastjar: directory traversal vulnerabilities
Directory traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a non-initial pathname component in a filename within a .jar archive, a related issue to CVE-2005-1080. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-3619.
Statement: The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.
Package: gcc (Red Hat Enterprise Linux 4) - Will not fix
Package: gcc4 (Red Hat Enterprise Linux 4) - Will not fix
Package: gcc44 (Red Hat Enterprise Linux 5) - Not affected
Package: gcc (Red Hat Enterprise Linux 6) - Not affected
No detection rules found.
No writeups or analysis indexed.
http://notlegal.ws/gamepanel.txthttp://secunia.com/advisories/19143http://www.securityfocus.com/archive/1/426825/100/0/threadedhttp://www.securityfocus.com/bid/16979http://www.vupen.com/english/advisories/2006/0864https://exchange.xforce.ibmcloud.com/vulnerabilities/25144http://notlegal.ws/gamepanel.txthttp://secunia.com/advisories/19143http://www.securityfocus.com/archive/1/426825/100/0/threadedhttp://www.securityfocus.com/bid/16979http://www.vupen.com/english/advisories/2006/0864https://exchange.xforce.ibmcloud.com/vulnerabilities/25144
2006-03-09
Published