4.3
CVE-2006-3079
- EPSS 1.16%
- Veröffentlicht 19.06.2006 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:26:21
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross-site scripting (XSS) vulnerability in index.cfm in SSPwiz Plus 1.0.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the message parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Sspwiz ≫ Sspwiz Plus Version <= 1.0.7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.16% | 0.63 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://pridels0.blogspot.com/2006/06/sspwiz-xss-vuln.html
http://secunia.com/advisories/20698
http://www.osvdb.org/26532
http://www.securityfocus.com/bid/18482
https://exchange.xforce.ibmcloud.com/vulnerabilities/27149