Vulnerabilities > CVE-2006-3405 - Unspecified vulnerability in QTO Qtofilemanager 1.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN qto
exploit available
Summary
Cross-site scripting (XSS) vulnerability in qtofm.php in QTOFileManager 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) delete, (2) pathext, and (3) edit parameters.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | QTO File Manager 1.0 Multiple Cross-Site Scripting Vulnerabilities. CVE-2006-3405. Webapps exploit for php platform |
| id | EDB-ID:28158 |
| last seen | 2016-02-03 |
| modified | 2006-07-03 |
| published | 2006-07-03 |
| reporter | EllipSiS Security |
| source | https://www.exploit-db.com/download/28158/ |
| title | QTO File Manager 1.0 - Multiple Cross-Site Scripting Vulnerabilities |
References
- http://securityreason.com/securityalert/1199
- http://securityreason.com/securityalert/1199
- http://securitytracker.com/id?1016427
- http://securitytracker.com/id?1016427
- http://www.securityfocus.com/archive/1/438960/100/0/threaded
- http://www.securityfocus.com/archive/1/438960/100/0/threaded
- http://www.securityfocus.com/bid/18791
- http://www.securityfocus.com/bid/18791