Vulnerability Details CVE-2006-5144
Cross-site scripting (XSS) vulnerability in userupload.php in OlateDownload 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the description_small parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 78.0%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/22241
- http://securityreason.com/securityalert/1680
- http://www.securityfocus.com/archive/1/447424/100/0/threaded
- http://www.securityfocus.com/bid/20278
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29292
- http://secunia.com/advisories/22241
- http://securityreason.com/securityalert/1680
- http://www.securityfocus.com/archive/1/447424/100/0/threaded
- http://www.securityfocus.com/bid/20278
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29292
Products affected by CVE-2006-5144
-
cpe:2.3:a:olate:olatedownload:3.4.0