CVE-2010-1606

Multiple cross-site scripting (XSS) vulnerabilities in NCT Jobs Portal Script allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) Keywords, (3) Tags, or (4) Desired City field.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://packetstormsecurity.org/1004-exploits/nctjobsportal-sqlxss.txt	Exploit
http://www.exploit-db.com/exploits/12370	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/58081
http://packetstormsecurity.org/1004-exploits/nctjobsportal-sqlxss.txt	Exploit
http://www.exploit-db.com/exploits/12370	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/58081

Configurations

Configuration 1 (hide)

cpe:2.3:a:ncrypted:nct_jobs_portal_script:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:14

Type	Values Removed	Values Added
References	~~() http://packetstormsecurity.org/1004-exploits/nctjobsportal-sqlxss.txt - Exploit~~	() http://packetstormsecurity.org/1004-exploits/nctjobsportal-sqlxss.txt - Exploit
References	~~() http://www.exploit-db.com/exploits/12370 - Exploit~~	() http://www.exploit-db.com/exploits/12370 - Exploit
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/58081 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/58081 -

Information

Published : 2010-04-29 17:30

Updated : 2025-04-11 00:51

NVD link : CVE-2010-1606

Mitre link : CVE-2010-1606

CVE.ORG link : CVE-2010-1606

JSON object : View

Products Affected

ncrypted

nct_jobs_portal_script

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2010-1606", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-04-29T17:30:00.777", "references": [{"url": "http://packetstormsecurity.org/1004-exploits/nctjobsportal-sqlxss.txt", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/12370", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58081", "source": "cve@mitre.org"}, {"url": "http://packetstormsecurity.org/1004-exploits/nctjobsportal-sqlxss.txt", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.exploit-db.com/exploits/12370", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58081", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in NCT Jobs Portal Script allow remote attackers to inject arbitrary web script or HTML via the (1) search, (2) Keywords, (3) Tags, or (4) Desired City field."}, {"lang": "es", "value": "M\u00faltiples secuencias de comandos en sitios cruzados (XSS) en NCT Jobs Portal Script permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de (1)la b\u00fasqueda (search), (2)palabras clave (keyword), (3) etiquetas (tags), o (4) campo Ciudad deseada (desired city)."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ncrypted:nct_jobs_portal_script:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B74B3B43-2557-45A8-9C8C-965FAC968077"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}