CVE-2006-0806

2006-02-2100:00:00

ubuntu.com

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.27 Low

EPSS

Percentile

96.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as used
in multiple packages such as phpESP, allow remote attackers to inject
arbitrary web script or HTML via (1) the next_page parameter in
adodb-pager.inc.php and (2) other unspecified vectors related to PHP_SELF.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchlibphp-adodb< 4.72-0.1ubuntu1UNKNOWN
ubuntu6.10noarchlibphp-adodb< 4.72-0.1ubuntu1UNKNOWN
ubuntu7.04noarchlibphp-adodb< 4.72-0.1ubuntu1UNKNOWN
ubuntu7.10noarchlibphp-adodb< 4.72-0.1ubuntu1UNKNOWN
ubuntu6.06noarchmoodle< 1.5.3+20060108-1ubuntu1.1UNKNOWN
ubuntu6.10noarchmoodle< 1.6.1+20060825-1UNKNOWN
ubuntu7.04noarchmoodle< 1.6.1+20060825-1UNKNOWN
ubuntu7.10noarchmoodle< 1.8.2-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.06	noarch	libphp-adodb	< 4.72-0.1ubuntu1	UNKNOWN
ubuntu	6.10	noarch	libphp-adodb	< 4.72-0.1ubuntu1	UNKNOWN
ubuntu	7.04	noarch	libphp-adodb	< 4.72-0.1ubuntu1	UNKNOWN
ubuntu	7.10	noarch	libphp-adodb	< 4.72-0.1ubuntu1	UNKNOWN
ubuntu	6.06	noarch	moodle	< 1.5.3+20060108-1ubuntu1.1	UNKNOWN
ubuntu	6.10	noarch	moodle	< 1.6.1+20060825-1	UNKNOWN
ubuntu	7.04	noarch	moodle	< 1.6.1+20060825-1	UNKNOWN
ubuntu	7.10	noarch	moodle	< 1.8.2-1	UNKNOWN