← back
CVE-2006-2506

CVE-2006-2506

EPSS 1.6%
Multiple cross-site scripting (XSS) vulnerabilities in search.php in Sphider allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO and (2) the category parameter.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://securityreason.com/securityalert/930https://exchange.xforce.ibmcloud.com/vulnerabilities/26482http://soot.shabgard.org/bugs/Sphider.txthttp://www.osvdb.org/25573http://www.securityfocus.com/archive/1/434119/100/0/threadedhttp://www.securityfocus.com/bid/17997http://www.vupen.com/english/advisories/2006/1845