CVE-2006-1418

Caloris Planitia E-School Mgt Sys <1.0 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in default.asp in Caloris Planitia E-School Management System 1.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by r0t · textwebappsasp

https://www.exploit-db.com/exploits/27482

View Code ZIP pw:eip

References (6)

Core 6

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/25469

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/24128

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/17257

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/1095

Third Party Advisory x_refsource_misc

http://pridels0.blogspot.com/2006/03/e-school-management-system-xss-vuln.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/19381

Scores

EPSS 0.0078

EPSS Percentile 73.8%

Details

Status published

Products (1)

caloris_planitia_technologies/e-school_management_system < 1.0

Published Mar 28, 2006

Tracked Since Feb 18, 2026