4.3
CVE-2006-4358
- EPSS 1.89%
- Veröffentlicht 27.08.2006 02:04:00
- Zuletzt bearbeitet 16.06.2026 22:28:56
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross-site scripting (XSS) vulnerability in index.php in Diesel Pay allows remote attackers to inject arbitrary web script or HTML via the read parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.89% | 0.768 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://archives.neohapsis.com/archives/bugtraq/2006-08/0416.html
http://secunia.com/advisories/21588
http://securityreason.com/securityalert/1459
http://www.osvdb.org/28074
http://www.securityfocus.com/bid/19623
http://www.vupen.com/english/advisories/2006/3344
https://exchange.xforce.ibmcloud.com/vulnerabilities/28496