CVE-2006-4474

Published: Aug 31, 2006Modified: Apr 16, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in Joomla! before 1.0.11 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) Admin Module Manager, (2) Admin Help, and (3) Search.

Affected (2)

Products: Joomla: Joomla

Joomla

1 product

Joomla

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Joomla Joomla	Up to 1.0.10
Joomla Joomla	Version 1.0.9

References (10)

http://secunia.com/advisories/21666

Source: cve@mitre.org

http://www.joomla.org/content/view/1841/78/

Source: cve@mitre.org

Patch

http://www.joomla.org/content/view/1843/74/

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/3408

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/28633

Source: cve@mitre.org

http://secunia.com/advisories/21666