CVE-2006-3160

Published: Jun 22, 2006Modified: Apr 16, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in fm.php in ONEdotOH Simple File Manager (SFM) 0.24a and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Affected (1)

Products: Onedotoh: Simple File Manager

Onedotoh

1 product

Simple File Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Onedotoh Simple File Manager	Up to 0.24a

References (12)

http://secunia.com/advisories/20668

Source: cve@mitre.org

Vendor Advisory

http://www.osvdb.org/26665

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/437671/100/100/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/18534

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/2435

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/27306

Source: cve@mitre.org

http://secunia.com/advisories/20668