Lucene search

[email protected]CVE-2006-1256

HistoryMar 19, 2006 - 1:02 a.m.

CVE-2006-1256

2006-03-1901:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-1256

cross-site scripting

xss

vulnerability

guestbook.php

soren boysen

skullsplitter

php

2.6

remote attackers

web script

html

url parameter

nvd

5.9 Medium

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.008 Low

EPSS

Percentile

81.7%

JSON

Cross-site scripting (XSS) vulnerability in guestbook.php in Soren Boysen (SkullSplitter) PHP Guestbook 2.6 allows remote attackers to inject arbitrary web script or HTML via the url parameter.

CPENameOperatorVersion
skullsplitter:php_guestbookskullsplitter php guestbookle2.6
skullsplitter:php_guestbookskullsplitter php guestbookeq2.7

CPE	Name	Operator	Version
skullsplitter:php_guestbook	skullsplitter php guestbook	le	2.6
skullsplitter:php_guestbook	skullsplitter php guestbook	eq	2.7

References

attrition.org/pipermail/vim/2006-March/000613.html

evuln.com/vulns/104/summary.html

secunia.com/advisories/19268

securityreason.com/securityalert/650

www.boysen.be/en/

www.osvdb.org/23941

www.securityfocus.com/archive/1/429254/100/0/threaded

www.securityfocus.com/bid/17136

www.vupen.com/english/advisories/2006/0974

exchange.xforce.ibmcloud.com/vulnerabilities/25293

5.9 Medium

AI Score

Confidence

High

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.008 Low

EPSS

Percentile

81.7%

JSON

Related for CVE-2006-1256

prion1 packetstorm1 securityvulns1