Vulnerabilities > CVE-2006-1021 - Cross-Site Scripting vulnerability in Pehepe Membership Management System and Uyelik Sistemi

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
pehepe
exploit available

Summary

Cross-site scripting (XSS) vulnerability in sol_menu.php in PeHePe Uyelik Sistemi (aka PeHePe MemberShip Management System) 3 allows remote attackers to inject arbitrary web script or HTML via the kuladi parameter ($kul_adi variable).

Vulnerable Configurations

Part Description Count
Application
Pehepe
2

Exploit-Db

descriptionPEHEPE Membership Management System v3 Sol_menu.PHP Cross-Site Scripting Vulnerability. CVE-2006-1021. Webapps exploit for php platform
idEDB-ID:27338
last seen2016-02-03
modified2006-02-26
published2006-02-26
reporterYunus Emre Yilmaz
sourcehttps://www.exploit-db.com/download/27338/
titlePEHEPE Membership Management System 3.0 - Sol_menu.PHP Cross-Site Scripting Vulnerability