CVE-2006-3063

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2006-3063
Multiple cross-site scripting (XSS) vulnerabilities in myPHP Guestbook 1.x through 2.0.0-r1 and before 2.0.1 RC5 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) email, (3) homepage, (4) id, (5) name, and (6) text parameters in (a) index.php, the (7) comment, (8) email, (9) homepage, (10) number, (11) name, and (12) text parameters in (b) admin/guestbook.php, and the (13) email, (14) homepage, (15) icq, (16) name, and (17) text parameters in (c) admin/edit.php.

2.6 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability : 4.9 / Impact : 2.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://www.networkarea.ch/forum/topic.php?id=4&s=9106beea248ecd1a552439168ada227e
http://secunia.com/advisories/20764
http://www.securityfocus.com/bid/18582
http://www.vupen.com/english/advisories/2006/2480
https://exchange.xforce.ibmcloud.com/vulnerabilities/27293
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:myphp_guestbook:myphp_guestbook:1.8:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:1.8.3:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0_rc1:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0_rc2:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:1.0:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0_alpha:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0_beta:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.1_rc3:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.1_rc4:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0-r1:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0_rc3:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.1_rc1:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:1.9.2:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0_rc4:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.1_beta:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.1_rc2:*:*:*:*:*:*:*
cpe:2.3:a:myphp_guestbook:myphp_guestbook:1.9:*:*:*:*:*:*:*
Information

Published : 2006-06-19 03:02

Updated : 2017-07-19 18:32

NVD link : CVE-2006-3063

Mitre link : CVE-2006-3063

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

myphp_guestbook

  • myphp_guestbook