Vulnerability Details CVE-2006-5530
Multiple cross-site scripting (XSS) vulnerabilities in Boesch SimpNews before 2.34.01 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/index.php, (2) admin/pwlost.php, and unspecified other files. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.5%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/22535
- http://www.boesch-it.de/sw/php-scripts/simpnews/english/index.php
- http://www.securityfocus.com/bid/20714
- http://www.vupen.com/english/advisories/2006/4162
- http://secunia.com/advisories/22535
- http://www.boesch-it.de/sw/php-scripts/simpnews/english/index.php
- http://www.securityfocus.com/bid/20714
- http://www.vupen.com/english/advisories/2006/4162
Products affected by CVE-2006-5530
-
cpe:2.3:a:boesch_it-consulting:simpnews:*
-
cpe:2.3:a:boesch_it-consulting:simpnews:2.0.1
-
cpe:2.3:a:boesch_it-consulting:simpnews:2.13
-
cpe:2.3:a:boesch_it-consulting:simpnews:2.30