Vulnerabilities > CVE-2006-0366 - Unspecified vulnerability in PHPclanwebsite 1.23.1

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
phpclanwebsite
exploit available
NVD
Published: 2006-01-22
Updated: 2018-10-19

Summary

Cross-site scripting (XSS) vulnerability in Phpclanwebsite (aka PCW) allows remote attackers to inject arbitrary web script or HTML via a javascript URI in a BBCode img tag. A simple fix has been released on the Main PCW site available directly at <a href="http://www.phpclanwebsite.com/index.php?page=downloads&func=browselist&par=1">http://www.phpclanwebsite.com/index.php?page=downloads&func=browselist&par=1 </a>Please download and install imediately.

Vulnerable Configurations

Part Description Count
Application
Phpclanwebsite
1

Exploit-Db

descriptionPhpclanwebsite 1.23.1 BBCode IMG Tag Script Injection Vulnerability. CVE-2006-0366. Webapps exploit for php platform
idEDB-ID:27109
last seen2016-02-03
modified2005-12-28
published2005-12-28
reporterkurdish hackers team
sourcehttps://www.exploit-db.com/download/27109/
titlePhpclanwebsite 1.23.1 BBCode IMG Tag Script Injection Vulnerability

References