CVE-2006-0603

Опубликовано: 08 фев. 2006

Источник: nvd

CVSS2: 6.4

EPSS Низкий

Описание

Multiple cross-site scripting vulnerabilities in signed.php in Hinton Design phphg Guestbook 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) location, (2) website, or (3) message parameter.

Ссылки

http://evuln.com/vulns/58/summary.html
Vendor Advisory
http://secunia.com/advisories/18758
Patch
Vendor Advisory
http://securitytracker.com/id?1015620
http://www.securityfocus.com/archive/1/424740/100/0/threaded
http://www.securityfocus.com/bid/16541
http://www.vupen.com/english/advisories/2006/0480
Vendor Advisory
http://evuln.com/vulns/58/summary.html
Vendor Advisory
http://secunia.com/advisories/18758
Patch
Vendor Advisory
http://securitytracker.com/id?1015620
http://www.securityfocus.com/archive/1/424740/100/0/threaded
http://www.securityfocus.com/bid/16541
http://www.vupen.com/english/advisories/2006/0480
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hinton_design:phphg_guestbook:1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.011

Низкий

6.4 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-chc6-5gxm-wqvp

github

почти 4 года назад