CVE-2006-6844

Published: Dec 31, 2006Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in the optional user comment module in CMS Made Simple 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the user comment form.

Affected (1)

Products: Cmsmadesimple: Cms Made Simple

Cmsmadesimple

1 product

Cms Made Simple

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cmsmadesimple Cms Made Simple	Version 1.0.2

References (10)

http://securityreason.com/securityalert/2087

Source: cve@mitre.org

http://securitytracker.com/id?1017445

Source: cve@mitre.org

Exploit

http://www.l0j1k.com/security/CMSMadeSimple_1.0.2_25Dec06.txt

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/archive/1/455306/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/21756

Source: cve@mitre.org

http://securityreason.com/securityalert/2087