Vulnerability Details CVE-2006-4608
Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cadena parameter in busqueda.php and the (2) email parameter in lista.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.131
EPSS Ranking 93.8%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/21738
- http://securityreason.com/securityalert/1499
- http://www.attrition.org/pipermail/vim/2009-April/002167.html
- http://www.osvdb.org/28450
- http://www.securityfocus.com/archive/1/445007/100/0/threaded
- http://www.securityfocus.com/archive/1/502637/100/0/threaded
- http://www.securityfocus.com/bid/19818
- https://www.exploit-db.com/exploits/8425
- http://secunia.com/advisories/21738
- http://securityreason.com/securityalert/1499
- http://www.attrition.org/pipermail/vim/2009-April/002167.html
- http://www.osvdb.org/28450
- http://www.securityfocus.com/archive/1/445007/100/0/threaded
- http://www.securityfocus.com/archive/1/502637/100/0/threaded
- http://www.securityfocus.com/bid/19818
- https://www.exploit-db.com/exploits/8425
Products affected by CVE-2006-4608
-
cpe:2.3:a:longino:jacome_php-revista:1.1.2