2 matches found
CVE-2006-3405
Cross-site scripting XSS vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the 1 delete, 2 pathext, and 3 edit parameters...
CVE-2006-3405
CVE-2006-3405 is a cross-site scripting (XSS) vulnerability in QTOFileManager 1.0 , exploitable via the qtofm.php parameters: (1) delete, (2) pathext, and (3) edit. The NVD entry notes a base score of 5.8 (MEDIUM) with network attack vector, requiring no authentication and partial impact on confi...