Vulnerabilities > CVE-2006-3106 - Cross-Site Scripting vulnerability in Fredi Bach PHPmydesktop Arcade 1.0Final

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
fredi-bach

Summary

Cross-site scripting (XSS) vulnerability in index.php in phpMyDesktop|Arcade 1.0 allows remote attackers to inject arbitrary web script or HTML via the subsite parameter in the subsite todo.

Vulnerable Configurations

Part Description Count
Application
Fredi_Bach
1