CVE-2006-3514

2006-07-1123:00:00

mitre

www.cve.org

6.2 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in admin/actions.php in PHP-Blogger 2.2.5, and possibly earlier versions, allow remote attackers to execute arbitrary web script or HTML via the (1) name, (2) title, (3) news, (4) description, and (5) sitename parameters.

References

secunia.com/advisories/20989

securityreason.com/securityalert/1202

www.securityfocus.com/archive/1/439440/100/0/threaded

www.securityfocus.com/bid/18909

www.vupen.com/english/advisories/2006/2710

exchange.xforce.ibmcloud.com/vulnerabilities/27630