Vulnerabilities > CVE-2006-6520 - Input Validation vulnerability in Scriptphp Messageriescripthp 2.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple cross-site scripting (XSS) vulnerabilities in Messageriescripthp 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) pseudo parameter to (a) existepseudo.php, the (2) email parameter to (b) existeemail.php, or the (3) pageName or (4) cssform parameter to (c) Contact/contact.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description Messageriescripthp 2.0 existepseudo.php pseudo Parameter XSS. CVE-2006-6520. Webapps exploit for php platform id EDB-ID:29243 last seen 2016-02-03 modified 2006-12-09 published 2006-12-09 reporter Mr_KaLiMaN source https://www.exploit-db.com/download/29243/ title Messageriescripthp 2.0 existepseudo.php pseudo Parameter XSS description Messageriescripthp 2.0 existeemail.php email Parameter XSS. CVE-2006-6520. Webapps exploit for php platform id EDB-ID:29244 last seen 2016-02-03 modified 2006-12-09 published 2006-12-09 reporter Mr_KaLiMaN source https://www.exploit-db.com/download/29244/ title Messageriescripthp 2.0 existeemail.php email Parameter XSS description Messageriescripthp 2.0 Contact/contact.php Multiple Parameter XSS. CVE-2006-6520. Webapps exploit for php platform id EDB-ID:29245 last seen 2016-02-03 modified 2006-12-09 published 2006-12-09 reporter Mr_KaLiMaN source https://www.exploit-db.com/download/29245/ title Messageriescripthp 2.0 Contact/contact.php Multiple Parameter XSS