2.6

CVE-2006-3063

Multiple cross-site scripting (XSS) vulnerabilities in myPHP Guestbook 1.x through 2.0.0-r1 and before 2.0.1 RC5 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) email, (3) homepage, (4) id, (5) name, and (6) text parameters in (a) index.php, the (7) comment, (8) email, (9) homepage, (10) number, (11) name, and (12) text parameters in (b) admin/guestbook.php, and the (13) email, (14) homepage, (15) icq, (16) name, and (17) text parameters in (c) admin/edit.php.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Myphp GuestbookMyphp Guestbook Version1.8.3
Myphp GuestbookMyphp Guestbook Version1.9.2
Myphp GuestbookMyphp Guestbook Version2.0.0
Myphp GuestbookMyphp Guestbook Version2.0.0-r1
Myphp GuestbookMyphp Guestbook Version2.0.0_alpha
Myphp GuestbookMyphp Guestbook Version2.0.0_beta
Myphp GuestbookMyphp Guestbook Version2.0.0_rc1
Myphp GuestbookMyphp Guestbook Version2.0.0_rc2
Myphp GuestbookMyphp Guestbook Version2.0.0_rc3
Myphp GuestbookMyphp Guestbook Version2.0.0_rc4
Myphp GuestbookMyphp Guestbook Version2.0.1_beta
Myphp GuestbookMyphp Guestbook Version2.0.1_rc1
Myphp GuestbookMyphp Guestbook Version2.0.1_rc2
Myphp GuestbookMyphp Guestbook Version2.0.1_rc3
Myphp GuestbookMyphp Guestbook Version2.0.1_rc4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.15% 0.628
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.6 4.9 2.9
AV:N/AC:H/Au:N/C:N/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/20764
http://www.networkarea.ch/forum/topic.php?id=4&s=9106beea248ecd1a552439168ada227e
http://www.securityfocus.com/bid/18582
http://www.vupen.com/english/advisories/2006/2480
https://exchange.xforce.ibmcloud.com/vulnerabilities/27293