CVE-2006-2799
Last modified
CVE-2006-2799 is a vulnerability of currently unknown severity. Cross-site scripting (XSS) vulnerability in content_footer.php in toendaCMS 0.7.0 allows remote attackers to inject arbitrary web scripts or HTML via the print_url variable. NOTE: the provenance of this information is unknown; the details are obtained solely from third party sources.. EPSS estimates a 1.29% chance of exploitation in the next 30 days.
Description
Cross-site scripting (XSS) vulnerability in content_footer.php in toendaCMS 0.7.0 allows remote attackers to inject arbitrary web scripts or HTML via the print_url variable. NOTE: the provenance of this information is unknown; the details are obtained solely from third party sources.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Toenda Software Development | Toendacms | <= 0.7 |
| Toenda Software Development | Toendacms | 0.6 |
| Toenda Software Development | Toendacms | 0.6.1 |
| Toenda Software Development | Toendacms | 0.6.2.1 |
| Toenda Software Development | Toendacms | 0.6_beta_1 |
| Toenda Software Development | Toendacms | 0.6_beta_2 |
| Toenda Software Development | Toendacms | 0.6_beta_3 |
| Toenda Software Development | Toendacms | 0.6_pre-beta |
References
- http://secunia.com/advisories/20391Vendor Advisory
- http://secunia.com/advisories/20391Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2006-2799?
How severe is CVE-2006-2799?
How do I fix CVE-2006-2799?
Are you affected by CVE-2006-2799?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST