CVE-2006-3004

Published: Jun 13, 2006Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in Ez Ringtone Manager allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in player.php and (2) keyword parameter when performing a search.

Affected (1)

Products: Scriptsez: Ez Ringtone Manager

Scriptsez

1 product

Ez Ringtone Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Scriptsez Ez Ringtone Manager	All versions

References (12)

http://secunia.com/advisories/20530

Source: cve@mitre.org

Exploit

http://securityreason.com/securityalert/1097

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/436424

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/bid/18340

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/2237

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/27062

Source: cve@mitre.org

http://secunia.com/advisories/20530