5.8
CVE-2006-2533
- EPSS 1.34%
- Veröffentlicht 22.05.2006 23:10:00
- Zuletzt bearbeitet 16.06.2026 22:25:16
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross-site scripting (XSS) vulnerability in (1) addWeblog.php and (2) leaveComments.php in Destiney Rated Images Script 0.5.0 does not properly filter all vulnerable HTML tags, which allows remote attackers to inject arbitrary web script or HTML via Javascript in a DIV tag.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Greg Donald ≫ Destiney Rated Images Script Version0.5.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.34% | 0.677 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:P/I:P/A:N
|
http://securityreason.com/securityalert/940
http://www.securityfocus.com/archive/1/434691/100/0/threaded
http://secunia.com/advisories/20249
http://www.securityfocus.com/archive/1/435093/100/0/threaded
http://www.securityfocus.com/bid/18070
http://www.vupen.com/english/advisories/2006/1927
https://exchange.xforce.ibmcloud.com/vulnerabilities/26605