CVE-2006-5299

Опубликовано: 17 окт. 2006

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Gcontact 0.6.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Ссылки

http://securityreason.com/securityalert/1725
http://www.armorize.com/advisory.php?Keyword=Armorize-ADV-2006-0005
Exploit
Vendor Advisory
http://www.securityfocus.com/archive/1/448692/100/0/threaded
http://www.securityfocus.com/bid/20530
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/29600
http://securityreason.com/securityalert/1725
http://www.armorize.com/advisory.php?Keyword=Armorize-ADV-2006-0005
Exploit
Vendor Advisory
http://www.securityfocus.com/archive/1/448692/100/0/threaded
http://www.securityfocus.com/bid/20530
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/29600

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gcontact:gcontact:0.6.5:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00521

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-x9hr-vpf7-5gm7

github

почти 4 года назад