Lucene search

K

MitreCVELIST:CVE-2006-5227

HistoryOct 10, 2006 - 9:00 p.m.

CVE-2006-5227

2006-10-1021:00:00

mitre

www.cve.org

5.6 Medium

AI Score

Confidence

High

0.05 Low

EPSS

Percentile

92.9%

Cross-site scripting (XSS) vulnerability in admin.php in TorrentFlux 2.1 allows remote attackers to inject arbitrary web script or HTML via (1) the $user_agent variable, probably obtained from the User-Agent HTTP header, and possibly (2) the $ip_resolved variable.

References

secunia.com/advisories/22293

securityreason.com/securityalert/1706

securitytracker.com/id?1017007

www.securityfocus.com/archive/1/447836/100/0/threaded

www.securityfocus.com/bid/20371

www.stevenroddis.com.au/2006/10/06/torrentflux-user-agent-xss-vulnerability/

exchange.xforce.ibmcloud.com/vulnerabilities/29374

5.6 Medium

AI Score

Confidence

High

0.05 Low

EPSS

Percentile

92.9%

Related for CVELIST:CVE-2006-5227

freebsd1 cve2 nessus1 ubuntucve2 nvd2 openvas2 cvelist1