CVE-2006-3333

Cross-site scripting (XSS) vulnerability in index.php in Zorum Forum 3.5 allows remote attackers to inject web script or HTML via the multiple unspecified parameters, including the (1) frommethod, (2) list, and (3) method, which are reflected in an error message. NOTE: some of these vectors might be resultant from SQL injection.
Configurations

Configuration 1 (hide)

cpe:2.3:a:phpoutsourcing:zorum:3.5:*:*:*:*:*:*:*

History

21 Nov 2024, 00:13

Type Values Removed Values Added
References () http://pridels0.blogspot.com/2006/06/zorum-forum-35-vuln.html - () http://pridels0.blogspot.com/2006/06/zorum-forum-35-vuln.html -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/19598 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/19598 -

Information

Published : 2006-06-30 23:05

Updated : 2024-11-21 00:13


NVD link : CVE-2006-3333

Mitre link : CVE-2006-3333

CVE.ORG link : CVE-2006-3333


JSON object : View

Products Affected

phpoutsourcing

  • zorum