CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-3737

Cross-site scripting (XSS) vulnerability in filemanager/filemanager.php in the control panel in SWsoft Plesk 8.0 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the file parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.6%

CVSS Severity

CVSS v2 Score 4.3

References

http://securityreason.com/securityalert/1250
http://www.osvdb.org/28596
http://www.securityfocus.com/archive/1/440292/100/0/threaded
http://www.securityfocus.com/bid/19017
https://exchange.xforce.ibmcloud.com/vulnerabilities/27770
http://securityreason.com/securityalert/1250
http://www.osvdb.org/28596
http://www.securityfocus.com/archive/1/440292/100/0/threaded
http://www.securityfocus.com/bid/19017
https://exchange.xforce.ibmcloud.com/vulnerabilities/27770

Products affected by CVE-2006-3737

Swsoft » Plesk Control Panel » Version: Any

cpe:2.3:a:swsoft:plesk_control_panel:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-3737

Products

Pricing

Contact Us