Vulnerabilities > CVE-2006-2610 - Cross-Site Scripting vulnerability in Spiffyjr PHPraid 2.9.5

CVSS 2.6 - LOW

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

high complexity

spiffyjr

NVD

Published: 2006-05-26

Updated: 2018-10-18

Summary

Cross-site scripting (XSS) vulnerability in view.php in phpRaid 2.9.5 allows remote attackers to inject arbitrary web script or HTML via the (1) URL query string and the (2) Sort parameter.

Vulnerable Configurations

Part	Description	Count
Application	Spiffyjr Spiffyjr Phpraid 2.9.5	1

References

http://securityreason.com/securityalert/962
http://www.securityfocus.com/archive/1/434736/100/0/threaded
http://www.securityfocus.com/bid/18042
https://exchange.xforce.ibmcloud.com/vulnerabilities/26599