Vulnerabilities > CVE-2006-4960 - Unspecified vulnerability in Blue Dragon PHP Blue Dragon Platinum2.8.0/Platinum2.9.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN blue-dragon
exploit available
Summary
Cross-site scripting (XSS) vulnerability in index.php Php Blue Dragon 2.9.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the m parameter, which is reflected in an error message resulting from a failed SQL query.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Exploit-Db
description | Php Blue Dragon CMS <= 2.9.1 (XSS/SQL) Code Execution Exploit. CVE-2006-4960,CVE-2006-4961,CVE-2006-4962. Webapps exploit for php platform |
file | exploits/php/webapps/2402.php |
id | EDB-ID:2402 |
last seen | 2016-01-31 |
modified | 2006-09-20 |
platform | php |
port | |
published | 2006-09-20 |
reporter | Kacper |
source | https://www.exploit-db.com/download/2402/ |
title | Php Blue Dragon CMS <= 2.9.1 XSS/SQL Code Execution Exploit |
type | webapps |
References
- http://secunia.com/advisories/22031
- http://secunia.com/advisories/22031
- http://www.securityfocus.com/bid/20123
- http://www.securityfocus.com/bid/20123
- http://www.vupen.com/english/advisories/2006/3736
- http://www.vupen.com/english/advisories/2006/3736
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29051
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29051
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29066
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29066
- https://www.exploit-db.com/exploits/2402
- https://www.exploit-db.com/exploits/2402