Vulnerability Details CVE-2006-3051
Cross-site scripting (XSS) vulnerability in list.php in SixCMS 6.0, and other versions before 6.0.6patch2, allows remote attackers to inject arbitrary script code or HTML via the page parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 78.8%
CVSS Severity
CVSS v2 Score 5.1
References
- http://secunia.com/advisories/20655
- http://securityreason.com/securityalert/1101
- http://securitytracker.com/id?1016282
- http://www.majorsecurity.de/advisory/major_rls17.txt
- http://www.securityfocus.com/archive/1/437047/100/0/threaded
- http://www.securityfocus.com/archive/1/437639/100/0/threaded
- http://www.securityfocus.com/bid/18393
- http://www.vupen.com/english/advisories/2006/2386
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27108
- http://secunia.com/advisories/20655
- http://securityreason.com/securityalert/1101
- http://securitytracker.com/id?1016282
- http://www.majorsecurity.de/advisory/major_rls17.txt
- http://www.securityfocus.com/archive/1/437047/100/0/threaded
- http://www.securityfocus.com/archive/1/437639/100/0/threaded
- http://www.securityfocus.com/bid/18393
- http://www.vupen.com/english/advisories/2006/2386
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27108
Products affected by CVE-2006-3051
-
cpe:2.3:a:six_offene_systeme_gmbh:sixcms:*