Vulnerability Details CVE-2006-3051
Cross-site scripting (XSS) vulnerability in list.php in SixCMS 6.0, and other versions before 6.0.6patch2, allows remote attackers to inject arbitrary script code or HTML via the page parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.2%
CVSS Severity
CVSS v2 Score 5.1
References
- http://secunia.com/advisories/20655
- http://securityreason.com/securityalert/1101
- http://securitytracker.com/id?1016282
- http://www.majorsecurity.de/advisory/major_rls17.txt
- http://www.securityfocus.com/archive/1/437047/100/0/threaded
- http://www.securityfocus.com/archive/1/437639/100/0/threaded
- http://www.securityfocus.com/bid/18393
- http://www.vupen.com/english/advisories/2006/2386
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27108
- http://secunia.com/advisories/20655
- http://securityreason.com/securityalert/1101
- http://securitytracker.com/id?1016282
- http://www.majorsecurity.de/advisory/major_rls17.txt
- http://www.securityfocus.com/archive/1/437047/100/0/threaded
- http://www.securityfocus.com/archive/1/437639/100/0/threaded
- http://www.securityfocus.com/bid/18393
- http://www.vupen.com/english/advisories/2006/2386
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27108
Products affected by CVE-2006-3051
-
cpe:2.3:a:six_offene_systeme_gmbh:sixcms:*