Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for links_manager by jiros

    CVE-2006-6148 (GCVE-0-2006-6148)

    Vulnerability from nvd – Published: 2006-11-28 23:00 – Updated: 2024-08-07 20:19
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in submitlink.asp in JiRos Links Manager allow remote attackers to inject arbitrary web script or HTML via the (1) lName, (2) lURL, (3) lImage, and (4) lDescription parameters. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/452265/100… mailing-listx_refsource_BUGTRAQ
    http://www.frsirt.com/english/reference-2006-4664-1.php x_refsource_MISC
    http://securitytracker.com/id?1017280 vdb-entryx_refsource_SECTRACK
    http://securityreason.com/securityalert/1924 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/21226 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/4664 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/23063 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:19:34.725Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "jiroslinkmanager-submitlink-xss(30465)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30465"
              },
              {
                "name": "20061121 JiRos Links Manager[injection sql \u0026 xss permanent]",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/452265/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.frsirt.com/english/reference-2006-4664-1.php"
              },
              {
                "name": "1017280",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017280"
              },
              {
                "name": "1924",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1924"
              },
              {
                "name": "21226",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21226"
              },
              {
                "name": "ADV-2006-4664",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4664"
              },
              {
                "name": "23063",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23063"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in submitlink.asp in JiRos Links Manager allow remote attackers to inject arbitrary web script or HTML via the (1) lName, (2) lURL, (3) lImage, and (4) lDescription parameters.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "jiroslinkmanager-submitlink-xss(30465)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30465"
            },
            {
              "name": "20061121 JiRos Links Manager[injection sql \u0026 xss permanent]",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/452265/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.frsirt.com/english/reference-2006-4664-1.php"
            },
            {
              "name": "1017280",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017280"
            },
            {
              "name": "1924",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1924"
            },
            {
              "name": "21226",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21226"
            },
            {
              "name": "ADV-2006-4664",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4664"
            },
            {
              "name": "23063",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23063"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6148",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in submitlink.asp in JiRos Links Manager allow remote attackers to inject arbitrary web script or HTML via the (1) lName, (2) lURL, (3) lImage, and (4) lDescription parameters.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "jiroslinkmanager-submitlink-xss(30465)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30465"
                },
                {
                  "name": "20061121 JiRos Links Manager[injection sql \u0026 xss permanent]",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/452265/100/0/threaded"
                },
                {
                  "name": "http://www.frsirt.com/english/reference-2006-4664-1.php",
                  "refsource": "MISC",
                  "url": "http://www.frsirt.com/english/reference-2006-4664-1.php"
                },
                {
                  "name": "1017280",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017280"
                },
                {
                  "name": "1924",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1924"
                },
                {
                  "name": "21226",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21226"
                },
                {
                  "name": "ADV-2006-4664",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4664"
                },
                {
                  "name": "23063",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23063"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6148",
        "datePublished": "2006-11-28T23:00:00.000Z",
        "dateReserved": "2006-11-28T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:19:34.725Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6147 (GCVE-0-2006-6147)

    Vulnerability from nvd – Published: 2006-11-28 23:00 – Updated: 2024-08-07 20:19
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in JiRos Links Manager allow remote attackers to execute arbitrary SQL commands via the (1) LinkID parameter to openlink.asp or the (2) CategoryID parameter to viewlinks.asp.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/452265/100… mailing-listx_refsource_BUGTRAQ
    http://www.frsirt.com/english/reference-2006-4664-1.php x_refsource_MISC
    http://securitytracker.com/id?1017280 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/21226 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/4664 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/23063 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:19:34.418Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061121 JiRos Links Manager[injection sql \u0026 xss permanent]",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/452265/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.frsirt.com/english/reference-2006-4664-1.php"
              },
              {
                "name": "1017280",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017280"
              },
              {
                "name": "jiroslinkmanager-openlink-sql-injection(30462)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30462"
              },
              {
                "name": "21226",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21226"
              },
              {
                "name": "ADV-2006-4664",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4664"
              },
              {
                "name": "23063",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23063"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in JiRos Links Manager allow remote attackers to execute arbitrary SQL commands via the (1) LinkID parameter to openlink.asp or the (2) CategoryID parameter to viewlinks.asp."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061121 JiRos Links Manager[injection sql \u0026 xss permanent]",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/452265/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.frsirt.com/english/reference-2006-4664-1.php"
            },
            {
              "name": "1017280",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017280"
            },
            {
              "name": "jiroslinkmanager-openlink-sql-injection(30462)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30462"
            },
            {
              "name": "21226",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21226"
            },
            {
              "name": "ADV-2006-4664",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4664"
            },
            {
              "name": "23063",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23063"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6147",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in JiRos Links Manager allow remote attackers to execute arbitrary SQL commands via the (1) LinkID parameter to openlink.asp or the (2) CategoryID parameter to viewlinks.asp."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061121 JiRos Links Manager[injection sql \u0026 xss permanent]",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/452265/100/0/threaded"
                },
                {
                  "name": "http://www.frsirt.com/english/reference-2006-4664-1.php",
                  "refsource": "MISC",
                  "url": "http://www.frsirt.com/english/reference-2006-4664-1.php"
                },
                {
                  "name": "1017280",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017280"
                },
                {
                  "name": "jiroslinkmanager-openlink-sql-injection(30462)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30462"
                },
                {
                  "name": "21226",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21226"
                },
                {
                  "name": "ADV-2006-4664",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4664"
                },
                {
                  "name": "23063",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23063"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6147",
        "datePublished": "2006-11-28T23:00:00.000Z",
        "dateReserved": "2006-11-28T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:19:34.418Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6148 (GCVE-0-2006-6148)

    Vulnerability from cvelistv5 – Published: 2006-11-28 23:00 – Updated: 2024-08-07 20:19
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in submitlink.asp in JiRos Links Manager allow remote attackers to inject arbitrary web script or HTML via the (1) lName, (2) lURL, (3) lImage, and (4) lDescription parameters. NOTE: some of these details are obtained from third party information.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/452265/100… mailing-listx_refsource_BUGTRAQ
    http://www.frsirt.com/english/reference-2006-4664-1.php x_refsource_MISC
    http://securitytracker.com/id?1017280 vdb-entryx_refsource_SECTRACK
    http://securityreason.com/securityalert/1924 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/21226 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/4664 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/23063 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:19:34.725Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "jiroslinkmanager-submitlink-xss(30465)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30465"
              },
              {
                "name": "20061121 JiRos Links Manager[injection sql \u0026 xss permanent]",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/452265/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.frsirt.com/english/reference-2006-4664-1.php"
              },
              {
                "name": "1017280",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017280"
              },
              {
                "name": "1924",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1924"
              },
              {
                "name": "21226",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21226"
              },
              {
                "name": "ADV-2006-4664",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4664"
              },
              {
                "name": "23063",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23063"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in submitlink.asp in JiRos Links Manager allow remote attackers to inject arbitrary web script or HTML via the (1) lName, (2) lURL, (3) lImage, and (4) lDescription parameters.  NOTE: some of these details are obtained from third party information."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "jiroslinkmanager-submitlink-xss(30465)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30465"
            },
            {
              "name": "20061121 JiRos Links Manager[injection sql \u0026 xss permanent]",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/452265/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.frsirt.com/english/reference-2006-4664-1.php"
            },
            {
              "name": "1017280",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017280"
            },
            {
              "name": "1924",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1924"
            },
            {
              "name": "21226",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21226"
            },
            {
              "name": "ADV-2006-4664",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4664"
            },
            {
              "name": "23063",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23063"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6148",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in submitlink.asp in JiRos Links Manager allow remote attackers to inject arbitrary web script or HTML via the (1) lName, (2) lURL, (3) lImage, and (4) lDescription parameters.  NOTE: some of these details are obtained from third party information."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "jiroslinkmanager-submitlink-xss(30465)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30465"
                },
                {
                  "name": "20061121 JiRos Links Manager[injection sql \u0026 xss permanent]",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/452265/100/0/threaded"
                },
                {
                  "name": "http://www.frsirt.com/english/reference-2006-4664-1.php",
                  "refsource": "MISC",
                  "url": "http://www.frsirt.com/english/reference-2006-4664-1.php"
                },
                {
                  "name": "1017280",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017280"
                },
                {
                  "name": "1924",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1924"
                },
                {
                  "name": "21226",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21226"
                },
                {
                  "name": "ADV-2006-4664",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4664"
                },
                {
                  "name": "23063",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23063"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6148",
        "datePublished": "2006-11-28T23:00:00.000Z",
        "dateReserved": "2006-11-28T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:19:34.725Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-6147 (GCVE-0-2006-6147)

    Vulnerability from cvelistv5 – Published: 2006-11-28 23:00 – Updated: 2024-08-07 20:19
    VLAI
    Summary
    Multiple SQL injection vulnerabilities in JiRos Links Manager allow remote attackers to execute arbitrary SQL commands via the (1) LinkID parameter to openlink.asp or the (2) CategoryID parameter to viewlinks.asp.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/452265/100… mailing-listx_refsource_BUGTRAQ
    http://www.frsirt.com/english/reference-2006-4664-1.php x_refsource_MISC
    http://securitytracker.com/id?1017280 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/21226 vdb-entryx_refsource_BID
    http://www.vupen.com/english/advisories/2006/4664 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/23063 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-11-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T20:19:34.418Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061121 JiRos Links Manager[injection sql \u0026 xss permanent]",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/452265/100/0/threaded"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.frsirt.com/english/reference-2006-4664-1.php"
              },
              {
                "name": "1017280",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017280"
              },
              {
                "name": "jiroslinkmanager-openlink-sql-injection(30462)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30462"
              },
              {
                "name": "21226",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/21226"
              },
              {
                "name": "ADV-2006-4664",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4664"
              },
              {
                "name": "23063",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/23063"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-11-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple SQL injection vulnerabilities in JiRos Links Manager allow remote attackers to execute arbitrary SQL commands via the (1) LinkID parameter to openlink.asp or the (2) CategoryID parameter to viewlinks.asp."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061121 JiRos Links Manager[injection sql \u0026 xss permanent]",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/452265/100/0/threaded"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.frsirt.com/english/reference-2006-4664-1.php"
            },
            {
              "name": "1017280",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017280"
            },
            {
              "name": "jiroslinkmanager-openlink-sql-injection(30462)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30462"
            },
            {
              "name": "21226",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/21226"
            },
            {
              "name": "ADV-2006-4664",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4664"
            },
            {
              "name": "23063",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/23063"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-6147",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple SQL injection vulnerabilities in JiRos Links Manager allow remote attackers to execute arbitrary SQL commands via the (1) LinkID parameter to openlink.asp or the (2) CategoryID parameter to viewlinks.asp."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061121 JiRos Links Manager[injection sql \u0026 xss permanent]",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/452265/100/0/threaded"
                },
                {
                  "name": "http://www.frsirt.com/english/reference-2006-4664-1.php",
                  "refsource": "MISC",
                  "url": "http://www.frsirt.com/english/reference-2006-4664-1.php"
                },
                {
                  "name": "1017280",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017280"
                },
                {
                  "name": "jiroslinkmanager-openlink-sql-injection(30462)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30462"
                },
                {
                  "name": "21226",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/21226"
                },
                {
                  "name": "ADV-2006-4664",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4664"
                },
                {
                  "name": "23063",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/23063"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-6147",
        "datePublished": "2006-11-28T23:00:00.000Z",
        "dateReserved": "2006-11-28T00:00:00.000Z",
        "dateUpdated": "2024-08-07T20:19:34.418Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }