CVE-2006-3476
published 2006-07-10CVE-2006-3476: Cross-site scripting (XSS) vulnerability in comments.php in PhpWebGallery 1.5.2 and earlier, and possibly 1.6.0, allows remote attackers to inject arbitrary…
PriorityP418medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
1.91%
77.2th percentile
Cross-site scripting (XSS) vulnerability in comments.php in PhpWebGallery 1.5.2 and earlier, and possibly 1.6.0, allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpwebgallery | phpwebgallery | — | — |
| phpwebgallery | phpwebgallery | — | — |
| phpwebgallery | phpwebgallery | — | — |
| phpwebgallery | phpwebgallery | — | — |
| phpwebgallery | phpwebgallery | — | — |
| phpwebgallery | phpwebgallery | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/20935http://securityreason.com/securityalert/1228http://securitytracker.com/id?1016435http://www.securityfocus.com/archive/1/439049/100/0/threadedhttp://www.securityfocus.com/bid/18798http://www.vupen.com/english/advisories/2006/2669https://exchange.xforce.ibmcloud.com/vulnerabilities/27526http://secunia.com/advisories/20935http://securityreason.com/securityalert/1228http://securitytracker.com/id?1016435http://www.securityfocus.com/archive/1/439049/100/0/threadedhttp://www.securityfocus.com/bid/18798http://www.vupen.com/english/advisories/2006/2669https://exchange.xforce.ibmcloud.com/vulnerabilities/27526
2006-07-10
Published