Vulnerability Details CVE-2006-1504
Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 (aka Arab Dynamic Portal or ADP) stable allow remote attackers to inject arbitrary web script or HTML via the title parameter in (1) online.php and (2) download.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.032
EPSS Ranking 86.5%
CVSS Severity
CVSS v2 Score 5.1
References
- http://secunia.com/advisories/19445
- http://securityreason.com/securityalert/673
- http://www.osvdb.org/24220
- http://www.osvdb.org/24221
- http://www.securityfocus.com/archive/1/429109/100/0/threaded
- http://www.securityfocus.com/bid/17285
- http://www.vupen.com/english/advisories/2006/1150
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25515
- http://secunia.com/advisories/19445
- http://securityreason.com/securityalert/673
- http://www.osvdb.org/24220
- http://www.osvdb.org/24221
- http://www.securityfocus.com/archive/1/429109/100/0/threaded
- http://www.securityfocus.com/bid/17285
- http://www.vupen.com/english/advisories/2006/1150
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25515
Products affected by CVE-2006-1504
-
cpe:2.3:a:arab_portal:arab_portal:2.0