CVE Vulnerabilities

CVE-2006-3063

Published: Jun 19, 2006 | Modified: Jul 20, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.6 LOW
AV:N/AC:H/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Multiple cross-site scripting (XSS) vulnerabilities in myPHP Guestbook 1.x through 2.0.0-r1 and before 2.0.1 RC5 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) email, (3) homepage, (4) id, (5) name, and (6) text parameters in (a) index.php, the (7) comment, (8) email, (9) homepage, (10) number, (11) name, and (12) text parameters in (b) admin/guestbook.php, and the (13) email, (14) homepage, (15) icq, (16) name, and (17) text parameters in (c) admin/edit.php.

Affected Software

Name Vendor Start Version End Version
Myphp_guestbook Myphp_guestbook 2.0.0_rc2 2.0.0_rc2
Myphp_guestbook Myphp_guestbook 2.0.0 2.0.0
Myphp_guestbook Myphp_guestbook 2.0.0_rc3 2.0.0_rc3
Myphp_guestbook Myphp_guestbook 1.8 1.8
Myphp_guestbook Myphp_guestbook 2.0.1_rc1 2.0.1_rc1
Myphp_guestbook Myphp_guestbook 1.9.2 1.9.2
Myphp_guestbook Myphp_guestbook 2.0.0_rc4 2.0.0_rc4
Myphp_guestbook Myphp_guestbook 2.0.1_rc3 2.0.1_rc3
Myphp_guestbook Myphp_guestbook 2.0.1_beta 2.0.1_beta
Myphp_guestbook Myphp_guestbook 2.0.1_rc2 2.0.1_rc2
Myphp_guestbook Myphp_guestbook 1.9 1.9
Myphp_guestbook Myphp_guestbook 2.0.1_rc4 2.0.1_rc4
Myphp_guestbook Myphp_guestbook 2.0.0_rc1 2.0.0_rc1
Myphp_guestbook Myphp_guestbook 1.8.3 1.8.3
Myphp_guestbook Myphp_guestbook 2.0.0_beta 2.0.0_beta
Myphp_guestbook Myphp_guestbook 1.0 1.0
Myphp_guestbook Myphp_guestbook 2.0.0-r1 2.0.0-r1
Myphp_guestbook Myphp_guestbook 2.0.0_alpha 2.0.0_alpha

References