Vulnerabilities > CVE-2006-6544 - Cross-Site Scripting vulnerability in Cm68 News
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Cross-site scripting (XSS) vulnerability in CM68 News allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | CM68 News <= 12.02.06 (addpth) Remote File Inclusion Vulnerability. CVE-2006-6462,CVE-2006-6544. Webapps exploit for php platform |
| file | exploits/php/webapps/2897.txt |
| id | EDB-ID:2897 |
| last seen | 2016-01-31 |
| modified | 2006-12-08 |
| platform | php |
| port | |
| published | 2006-12-08 |
| reporter | Paul Bakoyiannis |
| source | https://www.exploit-db.com/download/2897/ |
| title | CM68 News <= 12.02.06 addpth Remote File Inclusion Vulnerability |
| type | webapps |