CVE-2006-2394 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2006-2394

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in chat.php in PHP Live Helper allows remote attackers to inject arbitrary web script or HTML via the PHPSESSID parameter.

Affected Software

Name	Vendor	Start Version	End Version
Php_live_helper	Turnkey_web_tools	1.8 (including)	1.8 (including)

References

http://securityreason.com/securityalert/895
http://www.securityfocus.com/archive/1/433888/100/0/threaded
http://www.securityfocus.com/bid/17960
https://exchange.xforce.ibmcloud.com/vulnerabilities/26497
http://securityreason.com/securityalert/895
http://www.securityfocus.com/archive/1/433888/100/0/threaded
http://www.securityfocus.com/bid/17960
https://exchange.xforce.ibmcloud.com/vulnerabilities/26497