2.6
CVE-2006-3237
- EPSS 1.27%
- Veröffentlicht 27.06.2006 10:05:00
- Zuletzt bearbeitet 16.06.2026 22:26:40
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross-site scripting (XSS) vulnerability in index.php in Enterprise Groupware System (EGS) 1.2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the module parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Senokian Solutions ≫ Enterprise Groupware Systems Version <= 1.2.4
Senokian Solutions ≫ Enterprise Groupware Systems Version1.0
Senokian Solutions ≫ Enterprise Groupware Systems Version1.0_rc1
Senokian Solutions ≫ Enterprise Groupware Systems Version1.0_rc2
Senokian Solutions ≫ Enterprise Groupware Systems Version1.0_rc3
Senokian Solutions ≫ Enterprise Groupware Systems Version1.0_rc4
Senokian Solutions ≫ Enterprise Groupware Systems Version1.0_rc5
Senokian Solutions ≫ Enterprise Groupware Systems Version1.1
Senokian Solutions ≫ Enterprise Groupware Systems Version1.01
Senokian Solutions ≫ Enterprise Groupware Systems Version1.1.1
Senokian Solutions ≫ Enterprise Groupware Systems Version1.1.2
Senokian Solutions ≫ Enterprise Groupware Systems Version1.2
Senokian Solutions ≫ Enterprise Groupware Systems Version1.2.1
Senokian Solutions ≫ Enterprise Groupware Systems Version1.2.2
Senokian Solutions ≫ Enterprise Groupware Systems Version1.2.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.27% | 0.66 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.6 | 4.9 | 2.9 |
AV:N/AC:H/Au:N/C:N/I:P/A:N
|
http://pridels0.blogspot.com/2006/06/enterprise-groupware-system-xss-vuln.html
http://secunia.com/advisories/20757
http://securitytracker.com/id?1016358
http://www.securityfocus.com/bid/18590
http://www.vupen.com/english/advisories/2006/2483
https://exchange.xforce.ibmcloud.com/vulnerabilities/27282