Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2006-3767

Published: 21/07/2006 Updated: 17/10/2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in showprofile.php in Darren's $5 Script Archive osDate 1.1.7 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the onerror attribute in an HTML IMG tag with a non-existent source file in txtcomment parameter, which is used when posting a comment.

Vulnerable Product Search on Vulmon Subscribe to Product

darrens 5-dollar script archive osdate

darrens 5-dollar script archive osdate 1.1.5

darrens 5-dollar script archive osdate 1.1.6

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/19034http://secunia.com/advisories/21103http://securitytracker.com/id?1016700http://archives.neohapsis.com/archives/bugtraq/2006-08/0285.htmlhttp://www.vupen.com/english/advisories/2006/2864https://exchange.xforce.ibmcloud.com/vulnerabilities/27814http://www.securityfocus.com/archive/1/440592/100/0/threadedhttp://www.securityfocus.com/archive/1/440490/100/0/threadedhttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324path traversalCVE-2024-4743CVE-2024-5184TCPCVE-2024-27822code injectionCVE-2024-28995CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook