Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for pre_news_manager by pre_projects

    CVE-2006-2763 (GCVE-0-2006-2763)

    Vulnerability from nvd – Published: 2006-06-02 01:00 – Updated: 2024-08-07 17:58
    VLAI
    Summary
    SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. It is possible that this is primary to CVE-2006-2678.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/26077 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26079 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26074 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2006/1990 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/20284 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/497185/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/493369/100… mailing-listx_refsource_BUGTRAQ
    https://www.exploit-db.com/exploits/5803 exploitx_refsource_EXPLOIT-DB
    http://www.osvdb.org/26078 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26073 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26076 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/26075 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/497219/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-05-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:58:51.886Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "prenewsmanager-newsdetail-sql-injection(34035)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34035"
              },
              {
                "name": "26077",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26077"
              },
              {
                "name": "26079",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26079"
              },
              {
                "name": "26074",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26074"
              },
              {
                "name": "ADV-2006-1990",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1990"
              },
              {
                "name": "20284",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20284"
              },
              {
                "name": "20081009 News Manager Remote SQL Injection Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/497185/100/0/threaded"
              },
              {
                "name": "20080615 [ECHO_ADV_97$2008] Pre News Manager \u003c= 1.0 (index.php id) Sql Injection Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/493369/100/0/threaded"
              },
              {
                "name": "5803",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/5803"
              },
              {
                "name": "26078",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26078"
              },
              {
                "name": "26073",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26073"
              },
              {
                "name": "26076",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26076"
              },
              {
                "name": "prenewsmanager-index-sql-injection(43070)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43070"
              },
              {
                "name": "26075",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26075"
              },
              {
                "name": "20081009 Re: News Manager Remote SQL Injection Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/497219/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.  It is possible that this is primary to CVE-2006-2678."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "prenewsmanager-newsdetail-sql-injection(34035)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34035"
            },
            {
              "name": "26077",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26077"
            },
            {
              "name": "26079",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26079"
            },
            {
              "name": "26074",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26074"
            },
            {
              "name": "ADV-2006-1990",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1990"
            },
            {
              "name": "20284",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20284"
            },
            {
              "name": "20081009 News Manager Remote SQL Injection Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/497185/100/0/threaded"
            },
            {
              "name": "20080615 [ECHO_ADV_97$2008] Pre News Manager \u003c= 1.0 (index.php id) Sql Injection Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/493369/100/0/threaded"
            },
            {
              "name": "5803",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/5803"
            },
            {
              "name": "26078",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26078"
            },
            {
              "name": "26073",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26073"
            },
            {
              "name": "26076",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26076"
            },
            {
              "name": "prenewsmanager-index-sql-injection(43070)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43070"
            },
            {
              "name": "26075",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26075"
            },
            {
              "name": "20081009 Re: News Manager Remote SQL Injection Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/497219/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2763",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.  It is possible that this is primary to CVE-2006-2678."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "prenewsmanager-newsdetail-sql-injection(34035)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34035"
                },
                {
                  "name": "26077",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26077"
                },
                {
                  "name": "26079",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26079"
                },
                {
                  "name": "26074",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26074"
                },
                {
                  "name": "ADV-2006-1990",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1990"
                },
                {
                  "name": "20284",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20284"
                },
                {
                  "name": "20081009 News Manager Remote SQL Injection Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/497185/100/0/threaded"
                },
                {
                  "name": "20080615 [ECHO_ADV_97$2008] Pre News Manager \u003c= 1.0 (index.php id) Sql Injection Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/493369/100/0/threaded"
                },
                {
                  "name": "5803",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/5803"
                },
                {
                  "name": "26078",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26078"
                },
                {
                  "name": "26073",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26073"
                },
                {
                  "name": "26076",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26076"
                },
                {
                  "name": "prenewsmanager-index-sql-injection(43070)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43070"
                },
                {
                  "name": "26075",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26075"
                },
                {
                  "name": "20081009 Re: News Manager Remote SQL Injection Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/497219/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2763",
        "datePublished": "2006-06-02T01:00:00.000Z",
        "dateReserved": "2006-06-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:58:51.886Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2678 (GCVE-0-2006-2678)

    Vulnerability from nvd – Published: 2006-05-31 10:00 – Updated: 2024-08-07 17:58
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/26068 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/435020/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/996 third-party-advisoryx_refsource_SREASON
    http://www.vupen.com/english/advisories/2006/1990 vdb-entryx_refsource_VUPEN
    http://www.osvdb.org/26070 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/20284 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/26069 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26071 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26072 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/18333 vdb-entryx_refsource_BID
    http://www.osvdb.org/26066 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26067 vdb-entryx_refsource_OSVDB
    Date Public
    2006-05-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:58:51.869Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "26068",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26068"
              },
              {
                "name": "prenewsmanager-multiple-xss(26692)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26692"
              },
              {
                "name": "20060524 Pre News Manager v1.0",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/435020/100/0/threaded"
              },
              {
                "name": "996",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/996"
              },
              {
                "name": "ADV-2006-1990",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1990"
              },
              {
                "name": "26070",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26070"
              },
              {
                "name": "20284",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20284"
              },
              {
                "name": "26069",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26069"
              },
              {
                "name": "26071",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26071"
              },
              {
                "name": "26072",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26072"
              },
              {
                "name": "18333",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18333"
              },
              {
                "name": "26066",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26066"
              },
              {
                "name": "26067",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26067"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "26068",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26068"
            },
            {
              "name": "prenewsmanager-multiple-xss(26692)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26692"
            },
            {
              "name": "20060524 Pre News Manager v1.0",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/435020/100/0/threaded"
            },
            {
              "name": "996",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/996"
            },
            {
              "name": "ADV-2006-1990",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1990"
            },
            {
              "name": "26070",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26070"
            },
            {
              "name": "20284",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20284"
            },
            {
              "name": "26069",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26069"
            },
            {
              "name": "26071",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26071"
            },
            {
              "name": "26072",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26072"
            },
            {
              "name": "18333",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18333"
            },
            {
              "name": "26066",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26066"
            },
            {
              "name": "26067",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26067"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2678",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "26068",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26068"
                },
                {
                  "name": "prenewsmanager-multiple-xss(26692)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26692"
                },
                {
                  "name": "20060524 Pre News Manager v1.0",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/435020/100/0/threaded"
                },
                {
                  "name": "996",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/996"
                },
                {
                  "name": "ADV-2006-1990",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1990"
                },
                {
                  "name": "26070",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26070"
                },
                {
                  "name": "20284",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20284"
                },
                {
                  "name": "26069",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26069"
                },
                {
                  "name": "26071",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26071"
                },
                {
                  "name": "26072",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26072"
                },
                {
                  "name": "18333",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18333"
                },
                {
                  "name": "26066",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26066"
                },
                {
                  "name": "26067",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26067"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2678",
        "datePublished": "2006-05-31T10:00:00.000Z",
        "dateReserved": "2006-05-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:58:51.869Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2763 (GCVE-0-2006-2763)

    Vulnerability from cvelistv5 – Published: 2006-06-02 01:00 – Updated: 2024-08-07 17:58
    VLAI
    Summary
    SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. It is possible that this is primary to CVE-2006-2678.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/26077 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26079 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26074 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2006/1990 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/20284 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/497185/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/493369/100… mailing-listx_refsource_BUGTRAQ
    https://www.exploit-db.com/exploits/5803 exploitx_refsource_EXPLOIT-DB
    http://www.osvdb.org/26078 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26073 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26076 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.osvdb.org/26075 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/archive/1/497219/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2006-05-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:58:51.886Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "prenewsmanager-newsdetail-sql-injection(34035)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34035"
              },
              {
                "name": "26077",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26077"
              },
              {
                "name": "26079",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26079"
              },
              {
                "name": "26074",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26074"
              },
              {
                "name": "ADV-2006-1990",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1990"
              },
              {
                "name": "20284",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20284"
              },
              {
                "name": "20081009 News Manager Remote SQL Injection Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/497185/100/0/threaded"
              },
              {
                "name": "20080615 [ECHO_ADV_97$2008] Pre News Manager \u003c= 1.0 (index.php id) Sql Injection Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/493369/100/0/threaded"
              },
              {
                "name": "5803",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/5803"
              },
              {
                "name": "26078",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26078"
              },
              {
                "name": "26073",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26073"
              },
              {
                "name": "26076",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26076"
              },
              {
                "name": "prenewsmanager-index-sql-injection(43070)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43070"
              },
              {
                "name": "26075",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26075"
              },
              {
                "name": "20081009 Re: News Manager Remote SQL Injection Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/497219/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.  It is possible that this is primary to CVE-2006-2678."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "prenewsmanager-newsdetail-sql-injection(34035)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34035"
            },
            {
              "name": "26077",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26077"
            },
            {
              "name": "26079",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26079"
            },
            {
              "name": "26074",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26074"
            },
            {
              "name": "ADV-2006-1990",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1990"
            },
            {
              "name": "20284",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20284"
            },
            {
              "name": "20081009 News Manager Remote SQL Injection Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/497185/100/0/threaded"
            },
            {
              "name": "20080615 [ECHO_ADV_97$2008] Pre News Manager \u003c= 1.0 (index.php id) Sql Injection Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/493369/100/0/threaded"
            },
            {
              "name": "5803",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/5803"
            },
            {
              "name": "26078",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26078"
            },
            {
              "name": "26073",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26073"
            },
            {
              "name": "26076",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26076"
            },
            {
              "name": "prenewsmanager-index-sql-injection(43070)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43070"
            },
            {
              "name": "26075",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26075"
            },
            {
              "name": "20081009 Re: News Manager Remote SQL Injection Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/497219/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2763",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in Pre News Manager 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.  It is possible that this is primary to CVE-2006-2678."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "prenewsmanager-newsdetail-sql-injection(34035)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34035"
                },
                {
                  "name": "26077",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26077"
                },
                {
                  "name": "26079",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26079"
                },
                {
                  "name": "26074",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26074"
                },
                {
                  "name": "ADV-2006-1990",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1990"
                },
                {
                  "name": "20284",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20284"
                },
                {
                  "name": "20081009 News Manager Remote SQL Injection Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/497185/100/0/threaded"
                },
                {
                  "name": "20080615 [ECHO_ADV_97$2008] Pre News Manager \u003c= 1.0 (index.php id) Sql Injection Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/493369/100/0/threaded"
                },
                {
                  "name": "5803",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/5803"
                },
                {
                  "name": "26078",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26078"
                },
                {
                  "name": "26073",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26073"
                },
                {
                  "name": "26076",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26076"
                },
                {
                  "name": "prenewsmanager-index-sql-injection(43070)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43070"
                },
                {
                  "name": "26075",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26075"
                },
                {
                  "name": "20081009 Re: News Manager Remote SQL Injection Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/497219/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2763",
        "datePublished": "2006-06-02T01:00:00.000Z",
        "dateReserved": "2006-06-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:58:51.886Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2678 (GCVE-0-2006-2678)

    Vulnerability from cvelistv5 – Published: 2006-05-31 10:00 – Updated: 2024-08-07 17:58
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.osvdb.org/26068 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/435020/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/996 third-party-advisoryx_refsource_SREASON
    http://www.vupen.com/english/advisories/2006/1990 vdb-entryx_refsource_VUPEN
    http://www.osvdb.org/26070 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/20284 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/26069 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26071 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26072 vdb-entryx_refsource_OSVDB
    http://www.securityfocus.com/bid/18333 vdb-entryx_refsource_BID
    http://www.osvdb.org/26066 vdb-entryx_refsource_OSVDB
    http://www.osvdb.org/26067 vdb-entryx_refsource_OSVDB
    Date Public
    2006-05-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:58:51.869Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "26068",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26068"
              },
              {
                "name": "prenewsmanager-multiple-xss(26692)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26692"
              },
              {
                "name": "20060524 Pre News Manager v1.0",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/435020/100/0/threaded"
              },
              {
                "name": "996",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/996"
              },
              {
                "name": "ADV-2006-1990",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1990"
              },
              {
                "name": "26070",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26070"
              },
              {
                "name": "20284",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20284"
              },
              {
                "name": "26069",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26069"
              },
              {
                "name": "26071",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26071"
              },
              {
                "name": "26072",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26072"
              },
              {
                "name": "18333",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18333"
              },
              {
                "name": "26066",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26066"
              },
              {
                "name": "26067",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/26067"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "26068",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26068"
            },
            {
              "name": "prenewsmanager-multiple-xss(26692)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26692"
            },
            {
              "name": "20060524 Pre News Manager v1.0",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/435020/100/0/threaded"
            },
            {
              "name": "996",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/996"
            },
            {
              "name": "ADV-2006-1990",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1990"
            },
            {
              "name": "26070",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26070"
            },
            {
              "name": "20284",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20284"
            },
            {
              "name": "26069",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26069"
            },
            {
              "name": "26071",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26071"
            },
            {
              "name": "26072",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26072"
            },
            {
              "name": "18333",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18333"
            },
            {
              "name": "26066",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26066"
            },
            {
              "name": "26067",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/26067"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2678",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in Pre News Manager 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to (a) index.php, and the (2) nid parameter to (b) news_detail.php, (c) email_story.php, (d) thankyou.php, (e) printable_view.php, (f) tella_friend.php, and (g) send_comments.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "26068",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26068"
                },
                {
                  "name": "prenewsmanager-multiple-xss(26692)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26692"
                },
                {
                  "name": "20060524 Pre News Manager v1.0",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/435020/100/0/threaded"
                },
                {
                  "name": "996",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/996"
                },
                {
                  "name": "ADV-2006-1990",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1990"
                },
                {
                  "name": "26070",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26070"
                },
                {
                  "name": "20284",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20284"
                },
                {
                  "name": "26069",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26069"
                },
                {
                  "name": "26071",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26071"
                },
                {
                  "name": "26072",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26072"
                },
                {
                  "name": "18333",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18333"
                },
                {
                  "name": "26066",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26066"
                },
                {
                  "name": "26067",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/26067"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2678",
        "datePublished": "2006-05-31T10:00:00.000Z",
        "dateReserved": "2006-05-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:58:51.869Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }