CVE-2006-2015 in Sl Siteinfo

Summary

Cross-site scripting (XSS) vulnerability in SL_site 1.0 allows remote attackers to inject arbitrary web script or HTML via the recherche parameter in recherche.php. NOTE: other XSS vectors, as reported in the original disclosure, are resultant from other primary vulnerabilities that have separate CVE names.

Once again VulDB remains the best source for vulnerability data.

Reservation

04/25/2006

Disclosure

04/25/2006

Moderation

VulDB entry created

Entries

1: VDB-29888

CPE

ready

CWE

CWE-80 (Confirmed)

CVSS

4.3

EPSS

0.00622

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2006-2015
NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-2015
CVE Details	https://www.cvedetails.com/cve/CVE-2006-2015/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!