CVE-2006-5071
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
28/09/2006
Last modified:
09/04/2025
Description
Multiple cross-site scripting (XSS) vulnerabilities in eyeOS before 0.9.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving (1) eyeNav and (2) system/baixar.php.
Impact
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:eyeos_project:eyeos:*:*:*:*:*:*:*:* | 0.9.0.6 (including) | |
| cpe:2.3:o:eyeos_project:eyeos:0.8.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:eyeos_project:eyeos:0.8.3_r2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:eyeos_project:eyeos:0.8.4:*:*:*:*:*:*:* | ||
| cpe:2.3:o:eyeos_project:eyeos:0.8.4_r1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:eyeos_project:eyeos:0.8.5:*:*:*:*:*:*:* | ||
| cpe:2.3:o:eyeos_project:eyeos:0.8.9:*:*:*:*:*:*:* | ||
| cpe:2.3:o:eyeos_project:eyeos:0.8.10:*:*:*:*:*:*:* | ||
| cpe:2.3:o:eyeos_project:eyeos:0.9.0.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:eyeos_project:eyeos:0.9.0.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:eyeos_project:eyeos:0.9.0.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:eyeos_project:eyeos:0.9.0.4:*:*:*:*:*:*:* | ||
| cpe:2.3:o:eyeos_project:eyeos:0.9.0.5:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://eyeos.blogspot.com/2006/09/eyeos-091-released.html
- http://secunia.com/advisories/22117
- http://sourceforge.net/project/shownotes.php?group_id=145027&release_id=450490
- http://www.securityfocus.com/bid/20213
- http://www.vupen.com/english/advisories/2006/3780
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29190
- http://eyeos.blogspot.com/2006/09/eyeos-091-released.html
- http://secunia.com/advisories/22117
- http://sourceforge.net/project/shownotes.php?group_id=145027&release_id=450490
- http://www.securityfocus.com/bid/20213
- http://www.vupen.com/english/advisories/2006/3780
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29190