Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3514

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-3514
Last Modified 07 Mar 2011 09:38:47
Published 11 Jul 2006 07:05:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-3514

Summary

Multiple cross-site scripting (XSS) vulnerabilities in admin/actions.php in PHP-Blogger 2.2.5, and possibly earlier versions, allow remote attackers to execute arbitrary web script or HTML via the (1) name, (2) title, (3) news, (4) description, and (5) sitename parameters.

Vulnerable Systems

Application

  • Phpblogger Php-blogger 2.2.5


References

VUPEN - ADV-2006-2710

BUGTRAQ - 20060707 PHP-Blogger Multiple Cross Site Scripting Vulnerabilities

XF - php-blogger-adminactions-xss(27630)

BID - 18909

SREASON - 1202

SECUNIA - 20989


Last Updated: 27 May 2016 10:43:02