2 matches found
CVE-2006-3160
Cross-site scripting XSS vulnerability in fm.php in ONEdotOH Simple File Manager SFM 0.24a and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2006-3160
The CVE-2006-3160 entry describes a Cross-Site Scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) up to version 0.24a, specifically in fm.php where the msg parameter can be leveraged to inject arbitrary script/HTML. The vulnerability affects the fm.php component and arises from i...