4.3
CVSSv2

CVE-2006-1535

Published: 30/03/2006 Updated: 18/10/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in login.php in Phoetux.net PhxContacts 0.93.1 beta and previous versions allows remote malicious users to inject arbitrary web script or HTML via the m parameter.

Vulnerable Product Search on Vulmon Subscribe to Product

phoetux.net phxcontacts 0.93

phoetux.net phxcontacts 0.93.1

Exploits

source: wwwsecurityfocuscom/bid/17307/info PhxContacts is prone to a cross-site scripting vulnerability This issue is due to a failure in the application to properly sanitize user-supplied input An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affec ...