Lucene search

[email protected]NVD:CVE-2006-2425

HistoryMay 17, 2006 - 10:06 a.m.

CVE-2006-2425

2006-05-1710:06:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.017

Percentile

88.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in PRV.php in PhpRemoteView, possibly 2003-10-23 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) f, (2) d, and (3) ref parameters, and the (4) “MAKE DIR” and (5) “Full file name” fields.

Affected configurations

Nvd

Node

phpremoteviewphpremoteviewRange≤2003-10-23

VendorProductVersionCPE
phpremoteviewphpremoteview*cpe:2.3:a:phpremoteview:phpremoteview:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpremoteview	phpremoteview	*	cpe:2.3:a:phpremoteview:phpremoteview::::::::

References

secunia.com/advisories/20141

securityreason.com/securityalert/902

soot.shabgard.org/bugs/phpremoteview.txt

www.osvdb.org/25572

www.securityfocus.com/archive/1/434118/100/0/threaded

www.securityfocus.com/bid/17994

www.vupen.com/english/advisories/2006/1844

exchange.xforce.ibmcloud.com/vulnerabilities/26473

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.9

Confidence

High

EPSS

0.017

Percentile

88.0%

JSON

Related for NVD:CVE-2006-2425

cve1 prion1 exploitdb1 cvelist1