Vulnerabilities > CVE-2006-0366 - Unspecified vulnerability in PHPclanwebsite 1.23.1
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in Phpclanwebsite (aka PCW) allows remote attackers to inject arbitrary web script or HTML via a javascript URI in a BBCode img tag. A simple fix has been released on the Main PCW site available directly at <a href="http://www.phpclanwebsite.com/index.php?page=downloads&func=browselist&par=1">http://www.phpclanwebsite.com/index.php?page=downloads&func=browselist&par=1 </a>Please download and install imediately.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Phpclanwebsite 1.23.1 BBCode IMG Tag Script Injection Vulnerability. CVE-2006-0366. Webapps exploit for php platform |
id | EDB-ID:27109 |
last seen | 2016-02-03 |
modified | 2005-12-28 |
published | 2005-12-28 |
reporter | kurdish hackers team |
source | https://www.exploit-db.com/download/27109/ |
title | Phpclanwebsite 1.23.1 BBCode IMG Tag Script Injection Vulnerability |