Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2006-2975
HistoryJun 12, 2006 - 10:02 p.m.

CVE-2006-2975

2006-06-1222:02:00
[email protected]
web.nvd.nist.gov
2

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

5.3

Confidence

High

EPSS

0.237

Percentile

96.6%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in pblguestbook.php in PBL Guestbook 1.31 allow remote attackers to inject arbitrary web script or HTML via javascript in the SRC attribute of IMG tags in the (1) name, (2) email, and (3) website parameter, which bypasses XSS protection mechanisms that check for SCRIPT tags but not IMG. NOTE: portions of this description’s details are obtained from third party information.

Affected configurations

Nvd
Node
pbl_guestbookpbl_guestbookMatch1.31
VendorProductVersionCPE
pbl_guestbookpbl_guestbook1.31cpe:2.3:a:pbl_guestbook:pbl_guestbook:1.31:*:*:*:*:*:*:*

Related

cvelist 2
cve 2
nvd 1
cvelist
cvelist
CVE-2006-2975
2006-06-12 22:00:00
CVE-2006-3617
2006-07-14 21:00:00
cve
cve
CVE-2006-2975
2006-06-12 22:02:00
CVE-2006-3617
2006-07-18 15:46:00
nvd
nvd
CVE-2006-3617
2006-07-18 15:46:00

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

5.3

Confidence

High

EPSS

0.237

Percentile

96.6%

JSON
Related for NVD:CVE-2006-2975
cvelist2cve2nvd1