CVE-2006-3149

CVE-2006-3149

EPSS 1.3%

Cross-site scripting (XSS) vulnerability in topic.php in phpMyForum 4.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the highlight parameter.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://pridels0.blogspot.com/2006/06/phpmyforum-413-xss-vuln.html http://secunia.com/advisories/20678 https://exchange.xforce.ibmcloud.com/vulnerabilities/27250 http://www.osvdb.org/26678 http://www.securityfocus.com/bid/18542 http://www.vupen.com/english/advisories/2006/2437