Lucene search

K
cve[email protected]CVE-2006-4421
HistoryAug 29, 2006 - 12:04 a.m.

CVE-2006-4421

2006-08-2900:04:00
web.nvd.nist.gov
35
cve-2006-4421
xss
yapig
web security
vulnerability

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

66.3%

Cross-site scripting (XSS) vulnerability in template/default/thanks_comment.php in Yet Another PHP Image Gallery (YaPIG) 0.95b allows remote attackers to inject arbitrary web script or HTML via the D_REFRESH_URL parameter.

Affected configurations

NVD
Node
yapigyapigMatch0.95b
CPENameOperatorVersion
yapig:yapigyapigeq0.95b

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

66.3%

Related for CVE-2006-4421