CVE-2006-4038

2006-08-0922:00:00

mitre

www.cve.org

AI Score

5.8

Confidence

High

EPSS

0.011

Percentile

84.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in eintragen.php in GaesteChaos 0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gastname or (2) gastwohnort parameters.

References

marc.info/?l=full-disclosure&m=115464286427745&w=2

secunia.com/advisories/21357

www.securityfocus.com/archive/1/442205/100/200/threaded

www.securityfocus.com/bid/19343

www.vupen.com/english/advisories/2006/3155

exchange.xforce.ibmcloud.com/vulnerabilities/28219