Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cadena parameter in busqueda.php and the (2) email parameter in lista.php.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Longino Jacome | php-Revista | 1.1.2 |
References
- http://secunia.com/advisories/21738 (Exploit, Vendor Advisory)
- http://securityreason.com/securityalert/1499
- http://www.attrition.org/pipermail/vim/2009-April/002167.html
- http://www.osvdb.org/28450
- http://www.securityfocus.com/archive/1/445007/100/0/threaded
- http://www.securityfocus.com/archive/1/502637/100/0/threaded
- http://www.securityfocus.com/bid/19818
- https://www.exploit-db.com/exploits/8425
FAQ
What is CVE-2006-4608?
CVE-2006-4608 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in Longino Jacome php-Revista 1.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) cadena parameter in busqueda.php and t...
How severe is CVE-2006-4608?
CVE-2006-4608 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4608?
Check the references section above for vendor advisories and patch information. Affected products include: Longino Jacome Php-Revista.