CVE-2006-3333

Published: Jun 30, 2006Modified: Apr 16, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in index.php in Zorum Forum 3.5 allows remote attackers to inject web script or HTML via the multiple unspecified parameters, including the (1) frommethod, (2) list, and (3) method, which are reflected in an error message. NOTE: some of these vectors might be resultant from SQL injection.

Affected (1)

Products: Phpoutsourcing: Zorum

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Phpoutsourcing Zorum	Version 3.5

References (4)

http://pridels0.blogspot.com/2006/06/zorum-forum-35-vuln.html

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/19598

Source: cve@mitre.org

http://pridels0.blogspot.com/2006/06/zorum-forum-35-vuln.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/19598

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.