Published: 28/09/2006 Updated: 17/10/2018

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

VMScore: 520

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Multiple cross-site scripting (XSS) vulnerabilities in DanPHPSupport 0.5, and other versions prior to 1.0, allow remote malicious users to inject arbitrary web script or HTML via the (1) page parameter in index.php or the (2) do parameter in admin.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
danphpsupport danphpsupport 0.5

source: wwwsecurityfocuscom/bid/20203/info DanPHPSupport is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site This ...

source: wwwsecurityfocuscom/bid/20203/info DanPHPSupport is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input data An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site Th ...

NVD-CWE-Other http://www.securityfocus.com/bid/20203 http://securityreason.com/securityalert/1648 https://exchange.xforce.ibmcloud.com/vulnerabilities/29175 http://www.securityfocus.com/archive/1/448693/100/0/threaded http://www.securityfocus.com/archive/1/447002/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/28670/

CVE-2006-5066

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect