Lucene search

[email protected]CVE-2006-3063

HistoryJun 19, 2006 - 10:02 a.m.

CVE-2006-3063

2006-06-1910:02:00

[email protected]

web.nvd.nist.gov

cve

2006

3063

xss

vulnerabilities

myphp guestbook

remote attackers

web script

html

index.php

admin/guestbook.php

admin/edit.php

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in myPHP Guestbook 1.x through 2.0.0-r1 and before 2.0.1 RC5 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) email, (3) homepage, (4) id, (5) name, and (6) text parameters in (a) index.php, the (7) comment, (8) email, (9) homepage, (10) number, (11) name, and (12) text parameters in (b) admin/guestbook.php, and the (13) email, (14) homepage, (15) icq, (16) name, and (17) text parameters in © admin/edit.php.

Affected configurations

NVD

Node

myphp_guestbookmyphp_guestbookMatch1.0

myphp_guestbookmyphp_guestbookMatch1.8

myphp_guestbookmyphp_guestbookMatch1.8.3

myphp_guestbookmyphp_guestbookMatch1.9

myphp_guestbookmyphp_guestbookMatch1.9.2

myphp_guestbookmyphp_guestbookMatch2.0.0

myphp_guestbookmyphp_guestbookMatch2.0.0-r1

myphp_guestbookmyphp_guestbookMatch2.0.0_alpha

myphp_guestbookmyphp_guestbookMatch2.0.0_beta

myphp_guestbookmyphp_guestbookMatch2.0.0_rc1

myphp_guestbookmyphp_guestbookMatch2.0.0_rc2

myphp_guestbookmyphp_guestbookMatch2.0.0_rc3

myphp_guestbookmyphp_guestbookMatch2.0.0_rc4

myphp_guestbookmyphp_guestbookMatch2.0.1_beta

myphp_guestbookmyphp_guestbookMatch2.0.1_rc1

myphp_guestbookmyphp_guestbookMatch2.0.1_rc2

myphp_guestbookmyphp_guestbookMatch2.0.1_rc3

myphp_guestbookmyphp_guestbookMatch2.0.1_rc4

CPENameOperatorVersion
myphp_guestbook:myphp_guestbookmyphp guestbookeq1.0
myphp_guestbook:myphp_guestbookmyphp guestbookeq1.8
myphp_guestbook:myphp_guestbookmyphp guestbookeq1.8.3
myphp_guestbook:myphp_guestbookmyphp guestbookeq1.9
myphp_guestbook:myphp_guestbookmyphp guestbookeq1.9.2
myphp_guestbook:myphp_guestbookmyphp guestbookeq2.0.0
myphp_guestbook:myphp_guestbookmyphp guestbookeq2.0.0-r1
myphp_guestbook:myphp_guestbookmyphp guestbookeq2.0.0_alpha
myphp_guestbook:myphp_guestbookmyphp guestbookeq2.0.0_beta
myphp_guestbook:myphp_guestbookmyphp guestbookeq2.0.0_rc1

CPE	Name	Operator	Version
myphp_guestbook:myphp_guestbook	myphp guestbook	eq	1.0
myphp_guestbook:myphp_guestbook	myphp guestbook	eq	1.8
myphp_guestbook:myphp_guestbook	myphp guestbook	eq	1.8.3
myphp_guestbook:myphp_guestbook	myphp guestbook	eq	1.9
myphp_guestbook:myphp_guestbook	myphp guestbook	eq	1.9.2
myphp_guestbook:myphp_guestbook	myphp guestbook	eq	2.0.0
myphp_guestbook:myphp_guestbook	myphp guestbook	eq	2.0.0-r1
myphp_guestbook:myphp_guestbook	myphp guestbook	eq	2.0.0_alpha
myphp_guestbook:myphp_guestbook	myphp guestbook	eq	2.0.0_beta
myphp_guestbook:myphp_guestbook	myphp guestbook	eq	2.0.0_rc1

Rows per page:

1-10 of 181

References

secunia.com/advisories/20764

www.networkarea.ch/forum/topic.php?id=4&s=9106beea248ecd1a552439168ada227e

www.securityfocus.com/bid/18582

www.vupen.com/english/advisories/2006/2480

exchange.xforce.ibmcloud.com/vulnerabilities/27293

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.0%

JSON

Related for CVE-2006-3063

cvelist1 nvd1