Lucene search

MitreCVE-2006-3160

HistoryJun 22, 2006 - 10:06 p.m.

CVE-2006-3160

2006-06-2222:06:00

mitre

web.nvd.nist.gov

cve-2006-3160

cross-site scripting

xss

vulnerability

onedotoh simple file manager

security

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.006

Percentile

78.3%

JSON

Cross-site scripting (XSS) vulnerability in fm.php in ONEdotOH Simple File Manager (SFM) 0.24a and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Affected configurations

Nvd

Node

onedotohsimple_file_managerRange≤0.24a

VendorProductVersionCPE
onedotohsimple_file_manager*cpe:2.3:a:onedotoh:simple_file_manager:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
onedotoh	simple_file_manager	*	cpe:2.3:a:onedotoh:simple_file_manager::::::::

References

secunia.com/advisories/20668

www.osvdb.org/26665

www.securityfocus.com/archive/1/437671/100/100/threaded

www.securityfocus.com/bid/18534

www.vupen.com/english/advisories/2006/2435

exchange.xforce.ibmcloud.com/vulnerabilities/27306

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

Confidence

High

EPSS

0.006

Percentile

78.3%

JSON

Related for CVE-2006-3160