CVE-2006-2746

NONECVSS 0.0

0.0

Multiple cross-site scripting (XSS) vulnerabilities in F@cile Interactive Web 0.8.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) lang parameter in index.php, and the (2) mytheme and (3) myskin parameters in multiple "p-themes" index.inc.php files including (c) lowgraphic, (d) classic, (e) puzzle, (f) simple, and (g) ciao. NOTE: vectors 2 and 3 might be resultant from file inclusion issues.

🔗 References (18)

cve@mitrehttp://secunia.com/advisories/20358
cve@mitrehttp://securityreason.com/securityalert/1010
cve@mitrehttp://www.nukedx.com/?getxpl=35
cve@mitrehttp://www.nukedx.com/?viewdoc=35
cve@mitrehttp://www.osvdb.org/26104
cve@mitrehttp://www.osvdb.org/26105
cve@mitrehttp://www.securityfocus.com/archive/1/435283/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/18151
cve@mitrehttp://www.vupen.com/english/advisories/2006/2036
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20358
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/1010
af854a3a-2127-422b-91ae-364da2661108http://www.nukedx.com/?getxpl=35
af854a3a-2127-422b-91ae-364da2661108http://www.nukedx.com/?viewdoc=35
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/26104
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/26105

Is Your Infrastructure Affected by CVE-2006-2746?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2006-2746

📅 Published

🔄 Last Modified

🔗 References (18)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2006-2746?