{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-09-16T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot BizDirectory allow remote attackers to inject arbitrary web script or HTML via (1) the stylesheet parameter in Feed.php or (2) the message parameter in status.php."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "21911", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/21911"}, {"name": "1611", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/1611"}, {"name": "1016876", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1016876"}, {"name": "ADV-2006-3691", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/3691"}, {"name": "20060916 BizDirectory all version xss", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/446223/100/0/threaded"}, {"name": "20081", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/20081"}, {"name": "bizdirectory-feed-xss(29002)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29002"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-4883", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot BizDirectory allow remote attackers to inject arbitrary web script or HTML via (1) the stylesheet parameter in Feed.php or (2) the message parameter in status.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "21911", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/21911"}, {"name": "1611", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/1611"}, {"name": "1016876", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1016876"}, {"name": "ADV-2006-3691", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/3691"}, {"name": "20060916 BizDirectory all version xss", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/446223/100/0/threaded"}, {"name": "20081", "refsource": "BID", "url": "http://www.securityfocus.com/bid/20081"}, {"name": "bizdirectory-feed-xss(29002)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29002"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-4883", "datePublished": "2006-09-19T21:00:00", "dateReserved": "2006-09-19T00:00:00", "dateUpdated": "2018-10-17T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:idevspot:bizdirectory:*:*:*:*:*:*:*:*", "matchCriteriaId": "2DA28DED-F6F0-48BD-97B5-C88D51A556DC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in IDevSpot BizDirectory allow remote attackers to inject arbitrary web script or HTML via (1) the stylesheet parameter in Feed.php or (2) the message parameter in status.php."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en IDevSpot BizDirectory permiten a atacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n v\u00eda (1) el par\u00e1metro stylesheet en Feed.php o (2) el par\u00e1metro message en status.php."}], "id": "CVE-2006-4883", "lastModified": "2018-10-17T21:40:07.920", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-09-19T21:07:00.000", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/21911"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/1611"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1016876"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/446223/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/20081"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/3691"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29002"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}