CVE-2006-4988

2006-09-2601:43:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.1%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Patrick Michaelis Wili-CMS allow remote attackers to inject arbitrary web script or HTML via (1) the query string to relocate.php, (2) the globals[pageid] parameter in example-view/inc/print_button.php, and other unspecified vectors.

References

securityreason.com/securityalert/1633

www.securityfocus.com/archive/1/446575/100/0/threaded

www.securityfocus.com/bid/20134

exchange.xforce.ibmcloud.com/vulnerabilities/29098