Vulnerabilities > CVE-2006-3004 - Unspecified vulnerability in Scriptsez EZ Ringtone Manager
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone Manager allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in player.php and (2) keyword parameter when performing a search.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://secunia.com/advisories/20530
- http://secunia.com/advisories/20530
- http://securityreason.com/securityalert/1097
- http://securityreason.com/securityalert/1097
- http://www.securityfocus.com/archive/1/436424
- http://www.securityfocus.com/archive/1/436424
- http://www.securityfocus.com/bid/18340
- http://www.securityfocus.com/bid/18340
- http://www.vupen.com/english/advisories/2006/2237
- http://www.vupen.com/english/advisories/2006/2237
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27062
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27062