ID CVE-2006-4751
Summary Cross-site scripting (XSS) vulnerability in index.php in Laurentiu Matei eXpandable Home Page (XHP) CMS 0.5.1 allows remote attackers to inject arbitrary web script or HTML via the errcode parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:laurentiu_matei:expandable_home_page_cms:0.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:laurentiu_matei:expandable_home_page_cms:0.5.1:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 17-10-2018 - 21:39)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 19948
bugtraq 20060911 XHP CMS v0.5.1 Vuls Xss and Full path vuls
sectrack 1016823
secunia 21877
sreason 1565
vupen ADV-2006-3560
xf xhpcms-index-xss(28860)
Last major update 17-10-2018 - 21:39
Published 13-09-2006 - 22:07
Last modified 17-10-2018 - 21:39
Back to Top