CVE-2006-6487

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2006-6487
Cross-site scripting (XSS) vulnerability in index.php in DT Guestbook (dt_guestbook) 1.0f, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the error[] parameter.

5.1 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:H/Au:N/C:P/I:P/A:P

Exploitability : 4.9 / Impact : 6.4

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/advisories/23778 Exploit Vendor Advisory
http://www.netvigilance.com/advisory0010 Exploit Vendor Advisory
http://www.osvdb.org/30787 Exploit
http://www.securityfocus.com/archive/1/457059/100/0/threaded
http://www.securityfocus.com/bid/22078
http://www.vupen.com/english/advisories/2007/0205
https://exchange.xforce.ibmcloud.com/vulnerabilities/31518
http://secunia.com/advisories/23778 Exploit Vendor Advisory
http://www.netvigilance.com/advisory0010 Exploit Vendor Advisory
http://www.osvdb.org/30787 Exploit
http://www.securityfocus.com/archive/1/457059/100/0/threaded
http://www.securityfocus.com/bid/22078
http://www.vupen.com/english/advisories/2007/0205
https://exchange.xforce.ibmcloud.com/vulnerabilities/31518
Configurations

Configuration 1 (hide)

cpe:2.3:a:dt_guestbook:dt_guestbook:1.0f:*:*:*:*:*:*:*
History

21 Nov 2024, 00:22

Type Values Removed Values Added
References () http://secunia.com/advisories/23778 - Exploit, Vendor Advisory () http://secunia.com/advisories/23778 - Exploit, Vendor Advisory
References () http://www.netvigilance.com/advisory0010 - Exploit, Vendor Advisory () http://www.netvigilance.com/advisory0010 - Exploit, Vendor Advisory
References () http://www.osvdb.org/30787 - Exploit () http://www.osvdb.org/30787 - Exploit
References () http://www.securityfocus.com/archive/1/457059/100/0/threaded - () http://www.securityfocus.com/archive/1/457059/100/0/threaded -
References () http://www.securityfocus.com/bid/22078 - () http://www.securityfocus.com/bid/22078 -
References () http://www.vupen.com/english/advisories/2007/0205 - () http://www.vupen.com/english/advisories/2007/0205 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/31518 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/31518 -
Information

Published : 2007-01-16 19:28

Updated : 2024-11-21 00:22

NVD link : CVE-2006-6487

Mitre link : CVE-2006-6487

CVE.ORG link : CVE-2006-6487

JSON object : View

Products Affected

dt_guestbook

  • dt_guestbook
CWE
NVD-CWE-Other