CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-3333

Cross-site scripting (XSS) vulnerability in index.php in Zorum Forum 3.5 allows remote attackers to inject web script or HTML via the multiple unspecified parameters, including the (1) frommethod, (2) list, and (3) method, which are reflected in an error message. NOTE: some of these vectors might be resultant from SQL injection.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.8%

CVSS Severity

CVSS v2 Score 2.6

References

http://pridels0.blogspot.com/2006/06/zorum-forum-35-vuln.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/19598
http://pridels0.blogspot.com/2006/06/zorum-forum-35-vuln.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/19598

Products affected by CVE-2006-3333

Phpoutsourcing » Zorum » Version: 3.5

cpe:2.3:a:phpoutsourcing:zorum:3.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-3333

Products

Pricing

Contact Us