Vulnerabilities > CVE-2006-6479 - Unspecified vulnerability in Scriptphp Annoncescripthp 2.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN scriptphp
exploit available
Summary
Multiple cross-site scripting (XSS) vulnerabilities in AnnonceScriptHP 2.0 allow remote attackers to inject arbitrary web script or HTML via the email parameter in (1) erreurinscription.php, (2) Templates/admin.dwt.php, (3) Templates/commun.dwt.php, (4) membre.dwt.php, and (5) admin/admin_config/Aide.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description AnnonceScriptHP 2.0 Templates/admin.dwt.php email Parameter XSS. CVE-2006-6479. Webapps exploit for php platform id EDB-ID:29248 last seen 2016-02-03 modified 2006-12-09 published 2006-12-09 reporter Mr_KaLiMaN source https://www.exploit-db.com/download/29248/ title AnnonceScriptHP 2.0 Templates/admin.dwt.php email Parameter XSS description AnnonceScriptHP 2.0 membre.dwt.php email Parameter XSS. CVE-2006-6479. Webapps exploit for php platform id EDB-ID:29250 last seen 2016-02-03 modified 2006-12-09 published 2006-12-09 reporter Mr_KaLiMaN source https://www.exploit-db.com/download/29250/ title AnnonceScriptHP 2.0 membre.dwt.php email Parameter XSS description AnnonceScriptHP 2.0 admin/admin_config/Aide.php email Parameter XSS. CVE-2006-6479 . Webapps exploit for php platform id EDB-ID:29251 last seen 2016-02-03 modified 2006-12-09 published 2006-12-09 reporter Mr_KaLiMaN source https://www.exploit-db.com/download/29251/ title AnnonceScriptHP 2.0 admin/admin_config/Aide.php email Parameter XSS description AnnonceScriptHP 2.0 erreurinscription.php email Parameter XSS. CVE-2006-6479. Webapps exploit for php platform id EDB-ID:29247 last seen 2016-02-03 modified 2006-12-09 published 2006-12-09 reporter Mr_KaLiMaN source https://www.exploit-db.com/download/29247/ title AnnonceScriptHP 2.0 erreurinscription.php email Parameter XSS description AnnonceScriptHP 2.0 Templates/commun.dwt.php email Parameter XSS. CVE-2006-6479 . Webapps exploit for php platform id EDB-ID:29249 last seen 2016-02-03 modified 2006-12-09 published 2006-12-09 reporter Mr_KaLiMaN source https://www.exploit-db.com/download/29249/ title AnnonceScriptHP 2.0 Templates/commun.dwt.php email Parameter XSS
References
- http://secunia.com/advisories/23318
- http://secunia.com/advisories/23318
- http://securityreason.com/securityalert/2019
- http://securityreason.com/securityalert/2019
- http://www.securityfocus.com/archive/1/453966/100/0/threaded
- http://www.securityfocus.com/archive/1/453966/100/0/threaded
- http://www.securityfocus.com/bid/21514
- http://www.securityfocus.com/bid/21514
- http://www.vupen.com/english/advisories/2006/4940
- http://www.vupen.com/english/advisories/2006/4940
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30804
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30804