CVE-2006-2572

Опубликовано: 24 мая 2006

Источник: nvd

CVSS2: 2.6

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in index.php in DGBook 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) homepage, (3) email, and (4) address parameters.

Ссылки

http://secunia.com/advisories/20201
Vendor Advisory
http://securityreason.com/securityalert/948
http://www.osvdb.org/25732
http://www.securityfocus.com/archive/1/434869/100/0/threaded
http://www.securityfocus.com/archive/1/436615/100/0/threaded
http://www.securityfocus.com/bid/18310
http://www.vupen.com/english/advisories/2006/1942
https://exchange.xforce.ibmcloud.com/vulnerabilities/26629
http://secunia.com/advisories/20201
Vendor Advisory
http://securityreason.com/securityalert/948
http://www.osvdb.org/25732
http://www.securityfocus.com/archive/1/434869/100/0/threaded
http://www.securityfocus.com/archive/1/436615/100/0/threaded
http://www.securityfocus.com/bid/18310
http://www.vupen.com/english/advisories/2006/1942
https://exchange.xforce.ibmcloud.com/vulnerabilities/26629

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dian_gemilang:dgbook:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00558

Низкий

2.6 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-3q49-38f5-q4r7

github

почти 4 года назад