Vulnerability Details CVE-2006-1582
Cross-site scripting (XSS) vulnerability in index.php in Blank'N'Berg 0.2 allows remote attackers to inject arbitrary web script or HTML via the _path parameter. NOTE: this might be resultant from the directory traversal issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.7%
CVSS Severity
CVSS v2 Score 5.8
References
- http://secunia.com/advisories/19520
- http://securitytracker.com/id?1015854
- http://www.osvdb.org/24374
- http://www.securityfocus.com/bid/17346
- http://www.silitix.com/bnb.php
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25618
- http://secunia.com/advisories/19520
- http://securitytracker.com/id?1015854
- http://www.osvdb.org/24374
- http://www.securityfocus.com/bid/17346
- http://www.silitix.com/bnb.php
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25618
Products affected by CVE-2006-1582
-
cpe:2.3:a:blanknberg:blanknberg:0.2