CyberSec.Space Logo
Back to CVE Browser

CVE-2006-1436

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.1670%
EPSS Percentile5.05th
PublishedApr 15, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in UPOINT @1 Event Publisher allow remote attackers to inject arbitrary web script or HTML via the (1) Event, (2) Description, (3) Time, (4) Website, and (5) Public Remarks fields to (a) eventpublisher_admin.htm and (b) eventpublisher_usersubmit.htm.

Affected Platforms (CPE)

πŸ“¦
Upoint

At1 Event Publisher

= 2003-12-18

References & Advisories

πŸ”— http://osvdb.org/ref/24/24236-upoint.txt
πŸ”— http://secunia.com/advisories/19727
πŸ”— http://www.osvdb.org/24235
πŸ”— http://www.osvdb.org/24236
πŸ”— http://www.securityfocus.com/bid/17646
πŸ”— http://osvdb.org/ref/24/24236-upoint.txt
πŸ”— http://secunia.com/advisories/19727
πŸ”— http://www.osvdb.org/24235

Related Vulnerabilities

CVE-2006-623510.0

A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to ...

CVE-2006-610210.0

Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X ser...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...

CVE-2006-011910.0

Multiple unspecified vulnerabilities in IBM Lotus Notes and Domino Server before 6.5.5 have unknown impact and attack vectors, due...