CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-6874

Multiple cross-site scripting (XSS) vulnerabilities in friend.php in eNdonesia 8.4 allow remote attackers to inject arbitrary web script or HTML via the (1) Message or (2) Your Name field. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.8%

CVSS Severity

CVSS v2 Score 6.8

References

http://secunia.com/advisories/23502
http://secunia.com/advisories/23502

Products affected by CVE-2006-6874

Endonesia » Endonesia » Version: 8.4

cpe:2.3:a:endonesia:endonesia:8.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-6874

Products

Pricing

Contact Us