CVE-2006-0507

Опубликовано: 01 фев. 2006

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Easy CMS allow remote attackers to inject arbitrary web script or HTML via (1) unknown attack vectors in the administrative interface and (2) input fields of the contact form.

Ссылки

http://secunia.com/advisories/18673
Vendor Advisory
http://www.securityfocus.com/archive/1/423442/100/0/threaded
http://www.securityfocus.com/archive/1/423563/100/0/threaded
http://www.securityfocus.com/archive/1/424431/100/0/threaded
http://www.securityfocus.com/bid/16430
http://www.vupen.com/english/advisories/2006/0385
https://exchange.xforce.ibmcloud.com/vulnerabilities/24371
http://secunia.com/advisories/18673
Vendor Advisory
http://www.securityfocus.com/archive/1/423442/100/0/threaded
http://www.securityfocus.com/archive/1/423563/100/0/threaded
http://www.securityfocus.com/archive/1/424431/100/0/threaded
http://www.securityfocus.com/bid/16430
http://www.vupen.com/english/advisories/2006/0385
https://exchange.xforce.ibmcloud.com/vulnerabilities/24371

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:easy_cms:easy_cms:*:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00527

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-63r9-2pmh-6hmp

github

почти 4 года назад