CVE-2006-5457

{"id": "CVE-2006-5457", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-10-23T17:07:00.000", "references": [{"url": "http://www.securitylab.ru/forum/read.php?FID=16&TID=23884", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.securitylab.ru/forum/read.php?FID=16&TID=23884", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the registration form in Casinosoft Casino Script (Masvet) 3.2 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) surname field."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en el formulario de registro en Casinosoft Casino Script (Masvet) 3.2 permiten aatacantes remotos inyectar secuencias de comandos web o HTML de su elecci\u00f3n mediante el campo (1) nombre (name) o (2) apellido (surname)."}], "lastModified": "2025-04-09T00:30:58.490", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:casinosoft:casino_script:3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EADB6636-FD98-46DD-8D02-02346E3A59F1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}