Vulnerability Details CVE-2006-3927
Cross-site scripting (XSS) vulnerability in auctionsearch.php in PhpProBid 5.24 allows remote attackers to inject arbitrary web script or HTML via the advsrc parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.3%
CVSS Severity
CVSS v2 Score 4.3
References
- http://archives.neohapsis.com/archives/bugtraq/2006-07/0474.html
- http://secunia.com/advisories/21201
- http://securityreason.com/securityalert/1298
- http://securitytracker.com/id?1016595
- http://www.osvdb.org/27544
- http://www.securityfocus.com/bid/19158
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28030
- http://archives.neohapsis.com/archives/bugtraq/2006-07/0474.html
- http://secunia.com/advisories/21201
- http://securityreason.com/securityalert/1298
- http://securitytracker.com/id?1016595
- http://www.osvdb.org/27544
- http://www.securityfocus.com/bid/19158
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28030
Products affected by CVE-2006-3927
-
cpe:2.3:a:php_pro_bid:php_pro_bid:5.24