CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-5827

Multiple cross-site scripting (XSS) vulnerabilities in index.php in phpComasy CMS 0.7.9pre and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username or (2) password parameters.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 78.7%

CVSS Severity

CVSS v2 Score 6.8

References

http://secunia.com/advisories/22760
http://securityreason.com/securityalert/1843
http://www.majorsecurity.de/index_2.php?major_rls=major_rls32
http://www.securityfocus.com/archive/1/450712
http://www.securityfocus.com/bid/20938
https://exchange.xforce.ibmcloud.com/vulnerabilities/30053
http://secunia.com/advisories/22760
http://securityreason.com/securityalert/1843
http://www.majorsecurity.de/index_2.php?major_rls=major_rls32
http://www.securityfocus.com/archive/1/450712
http://www.securityfocus.com/bid/20938
https://exchange.xforce.ibmcloud.com/vulnerabilities/30053

Products affected by CVE-2006-5827

Phpcomasy » Phpcomasy » Version: 0.7.4

cpe:2.3:a:phpcomasy:phpcomasy:0.7.4
Phpcomasy » Phpcomasy » Version: 0.7.5

cpe:2.3:a:phpcomasy:phpcomasy:0.7.5
Phpcomasy » Phpcomasy » Version: 0.7.9pre

cpe:2.3:a:phpcomasy:phpcomasy:0.7.9pre

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-5827

Products

Pricing

Contact Us