2.6
CVE-2006-3071
- EPSS 1.27%
- Veröffentlicht 19.06.2006 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:26:20
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross-site scripting (XSS) vulnerability in index.php in MP3 Search/Archive 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter, as used by the "search box", and (2) res parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Anton Belev ≫ Mp3 Search Archive Version1.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.27% | 0.66 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.6 | 4.9 | 2.9 |
AV:N/AC:H/Au:N/C:N/I:P/A:N
|
http://secunia.com/advisories/20664
http://securityreason.com/securityalert/1112
http://www.osvdb.org/26530
http://www.securityfocus.com/archive/1/437283/100/0/threaded
http://www.vupen.com/english/advisories/2006/2385
https://exchange.xforce.ibmcloud.com/vulnerabilities/27234