CVE-2006-3533

NONECVSS 0.0

0.0

Multiple cross-site scripting (XSS) vulnerabilities in Pivot 1.30 RC2 and earlier, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) fg, (2) line1, (3) line2, (4) bg, (5) c1, (6) c2, (7) c3, and (8) c4 parameters in (a) includes/blogroll.php; (9) name and (10) js_name parameters in (b) includes/editor/edit_menu.php; and, even if register_globals is not enabled, the (11) h and (12) w parameters in (c) includes/photo.php.

🔗 References (20)

cve@mitrehttp://retrogod.altervista.org/pivot_130RC2_xpl.html
cve@mitrehttp://secunia.com/advisories/20962
cve@mitrehttp://securityreason.com/securityalert/1214
cve@mitrehttp://www.osvdb.org/27127
cve@mitrehttp://www.osvdb.org/27128
cve@mitrehttp://www.osvdb.org/27129
cve@mitrehttp://www.securityfocus.com/archive/1/439495/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/18881
cve@mitrehttp://www.vupen.com/english/advisories/2006/2744
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/27672
af854a3a-2127-422b-91ae-364da2661108http://retrogod.altervista.org/pivot_130RC2_xpl.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/20962
af854a3a-2127-422b-91ae-364da2661108http://securityreason.com/securityalert/1214
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/27127
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/27128

Is Your Infrastructure Affected by CVE-2006-3533?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2006-3533

📅 Published

🔄 Last Modified

🔗 References (20)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2006-3533?