Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2518

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2006-2518
Last Modified 07 Mar 2011 09:36:23
Published 22 May 2006 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-2518

Summary

Cross-site scripting (XSS) vulnerability in phpwcms 1.2.5-DEV allows remote attackers to inject arbitrary web script or HTML via the BL[be_cnt_plainhtml] parameter to include/inc_tmpl/content/cnt6.inc.php.

Vulnerable Systems

Application

  • Phpwcms 1.2.5 Dev


References

VUPEN - ADV-2006-1934

BUGTRAQ - 20060521 [KAPDA::#43] - phpwcms multiple vulnerabilities

MISC - http://www.kapda.ir/advisory-331.html

XF - phpwcms-template-files-xss(26638)

BID - 18063

SREASON - 939

SECUNIA - 20239


Last Updated: 27 May 2016 10:42:39