Vulnerability Details CVE-2006-3765
Multiple cross-site scripting (XSS) vulnerabilities in Huttenlocher Webdesign hwdeGUEST 2.1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, as demonstrated by the "name input" field in new_entry.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.0%
CVSS Severity
CVSS v2 Score 4.3
References
- http://securityreason.com/securityalert/1258
- http://securitytracker.com/id?1016549
- http://www.securityfocus.com/archive/1/440455/100/0/threaded
- http://www.securityfocus.com/bid/19053
- http://www.vupen.com/english/advisories/2006/2871
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27805
- http://securityreason.com/securityalert/1258
- http://securitytracker.com/id?1016549
- http://www.securityfocus.com/archive/1/440455/100/0/threaded
- http://www.securityfocus.com/bid/19053
- http://www.vupen.com/english/advisories/2006/2871
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27805
Products affected by CVE-2006-3765
-
cpe:2.3:a:huttenlocher_webdesign:hwdeguest:*