CVE-2006-5827

Published: Nov 10, 2006Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in index.php in phpComasy CMS 0.7.9pre and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username or (2) password parameters.

Affected (3)

Products: Phpcomasy: Phpcomasy

Phpcomasy

1 product

Phpcomasy

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Phpcomasy Phpcomasy	Version 0.7.4
Phpcomasy Phpcomasy	Version 0.7.5
Phpcomasy Phpcomasy	Version 0.7.9pre

References (12)

http://secunia.com/advisories/22760

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/1843

Source: cve@mitre.org

http://www.majorsecurity.de/index_2.php?major_rls=major_rls32

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/450712

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/20938

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/30053

Source: cve@mitre.org

http://secunia.com/advisories/22760