CVE-2006-5499

EPSS 1.8%
Veröffentlicht 25.10.2006 10:07:00
Zuletzt bearbeitet 16.06.2026 22:31:19
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Multiple cross-site scripting (XSS) vulnerabilities in Serendipity (s9y) 1.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors in the media manager administration page.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 14

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Serendipity ≫ Serendipity Version <= 1.0.1

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.8%	0.756

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0395.html

http://secunia.com/advisories/22501

Patch

Vendor Advisory

http://securityreason.com/securityalert/1771

http://securitytracker.com/id?1017100

http://www.hardened-php.net/advisory_112006.136.html

http://www.osvdb.org/29893

http://www.s9y.org/forums/viewtopic.php?t=7356

http://www.securityfocus.com/archive/1/449189/100/0/threaded

http://www.securityfocus.com/bid/20627

http://www.vupen.com/english/advisories/2006/4135

https://exchange.xforce.ibmcloud.com/vulnerabilities/29695

https://nvd.nist.gov/vuln/detail/CVE-2006-5499

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-5499

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-5499

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2006-5499