CVE-2006-2994

Опубликовано: 13 июн. 2006

Источник: nvd

CVSS2: 5.8

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in index.php in phazizGuestbook 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) email, (3) url fields, and (4) text field (content parameter).

Ссылки

http://secunia.com/advisories/20615
http://securityreason.com/securityalert/1081
http://www.securityfocus.com/archive/1/436602/100/0/threaded
http://www.securityfocus.com/bid/18495
http://www.vupen.com/english/advisories/2006/2421
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/27065
http://secunia.com/advisories/20615
http://securityreason.com/securityalert/1081
http://www.securityfocus.com/archive/1/436602/100/0/threaded
http://www.securityfocus.com/bid/18495
http://www.vupen.com/english/advisories/2006/2421
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/27065

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:christian_becher:phazizguestbook:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 71%

0.00695

Низкий

5.8 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-fjx2-chrg-qhrf

github

почти 4 года назад