CVE-2006-3333 in Zoruminfo

Summary

Cross-site scripting (XSS) vulnerability in index.php in Zorum Forum 3.5 allows remote attackers to inject web script or HTML via the multiple unspecified parameters, including the (1) frommethod, (2) list, and (3) method, which are reflected in an error message. NOTE: some of these vectors might be resultant from SQL injection.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

06/30/2006

Disclosure

06/30/2006

Moderation

VulDB entry created

Entries

VDB-31115 (1)

CPE

ready

CWE

CWE-80 (Confirmed)

CVSS

4.3

EPSS

0.00247

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2006-3333
NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-3333
CVE Details	https://www.cvedetails.com/cve/CVE-2006-3333/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!