CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-2325

Cross-site scripting (XSS) vulnerability in index.php in OnlyScript.info Online Universal Payment System Script allows remote attackers to inject arbitrary web script or HTML via the read parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Also, this issue might be resultant from directory traversal.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.7%

CVSS Severity

CVSS v2 Score 6.8

References

http://secunia.com/advisories/20005
http://www.osvdb.org/25452
http://www.securityfocus.com/bid/17889
http://www.vupen.com/english/advisories/2006/1704
https://exchange.xforce.ibmcloud.com/vulnerabilities/26342
http://secunia.com/advisories/20005
http://www.osvdb.org/25452
http://www.securityfocus.com/bid/17889
http://www.vupen.com/english/advisories/2006/1704
https://exchange.xforce.ibmcloud.com/vulnerabilities/26342

Products affected by CVE-2006-2325

Onlyscript.info » Online Universal Payment System Script » Version: Any

cpe:2.3:a:onlyscript.info:online_universal_payment_system_script:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-2325

Products

Pricing

Contact Us