CyberSec.Space Logo
返回 CVE 浏览器

CVE-2006-4496

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.0910%
EPSS Percentile18.89th
Published2006年8月31日
Last Modified2026年4月16日

Vulnerability Description

Cross-site scripting (XSS) vulnerability in comments.php in IwebNegar 1.1 allows remote attackers to inject arbitrary web script or HTML via the comment parameter.

Affected Platforms (CPE)

📦
Iwebnegar

Iwebnegar

= 1.1

References & Advisories

🔗 http://securityreason.com/securityalert/1476
🔗 http://www.securityfocus.com/archive/1/444744/100/0/threaded
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/28663
🔗 http://securityreason.com/securityalert/1476
🔗 http://www.securityfocus.com/archive/1/444744/100/0/threaded
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/28663

相关漏洞威胁

CVE-2004-140210.0

SQL injection vulnerability in iWebNegar allows remote attackers to execute arbitrary SQL commands via (1) the string parameter fo...

CVE-2006-44977.5

SQL injection vulnerability in comments.php in IwebNegar 1.1 allows remote attackers to execute arbitrary SQL commands via the id ...

CVE-2006-021810.0

Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before 1.0.2 have unspecified impact and attack vectors, related to...

CVE-2006-026010.0

Multiple unspecified vulnerabilities in Oracle Database server 9.2.0.7 and 10.1.0.5 have unspecified impact and attack vectors, as...