← Voltar para CVEs

CVE-2006-0758

N/A

Descricao

Multiple cross-site scripting (XSS) vulnerabilities in HiveMail 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via a URL encoded expression in the query string in (1) index.php and (2) possibly certain other scripts, which is not properly cleansed when accessed from the $_SERVER['PHP_SELF'] variable.

Detalhes CVE

Pontuacao CVSS v3.1N/A

Publicado2/18/2006

Ultima modificacao4/16/2026

Fontenvd

Avistamentos honeypot0

Produtos afetados

hivemail:hivemail

Referencias

http://archives.neohapsis.com/archives/bugtraq/2006-02/0162.html(cve@mitre.org)

http://forum.hivemail.com/showthread.php?p=26745(cve@mitre.org)

http://secunia.com/advisories/18807(cve@mitre.org)

http://www.gulftech.org/?node=research&article_id=00098-02102006(cve@mitre.org)

http://www.securityfocus.com/bid/16591(cve@mitre.org)

http://www.vupen.com/english/advisories/2006/0527(cve@mitre.org)

https://exchange.xforce.ibmcloud.com/vulnerabilities/24622(cve@mitre.org)

http://archives.neohapsis.com/archives/bugtraq/2006-02/0162.html(af854a3a-2127-422b-91ae-364da2661108)

http://forum.hivemail.com/showthread.php?p=26745(af854a3a-2127-422b-91ae-364da2661108)

http://secunia.com/advisories/18807(af854a3a-2127-422b-91ae-364da2661108)

http://www.gulftech.org/?node=research&article_id=00098-02102006(af854a3a-2127-422b-91ae-364da2661108)

http://www.securityfocus.com/bid/16591(af854a3a-2127-422b-91ae-364da2661108)

http://www.vupen.com/english/advisories/2006/0527(af854a3a-2127-422b-91ae-364da2661108)

https://exchange.xforce.ibmcloud.com/vulnerabilities/24622(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.