Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2006-0593

Cross-site scripting (XSS) vulnerability in PHP-Fusion before 6.00.304 allows remote attackers to inject arbitrary web script or HTML via the (1) shout_name field in shoutbox_panel.php and the (2) comments field in comments_include.php.

  • Published: Feb 8, 2006
  • Updated: Apr 13, 2023
  • CVE: CVE-2006-0593
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
php_fusion / php_fusion 6.00.105 6.00.105.x
php_fusion / php_fusion 6.00.106 6.00.106.x
php_fusion / php_fusion 6.00.103 6.00.103.x
php_fusion / php_fusion 6.00.101 6.00.101.x
php_fusion / php_fusion 6.00.107 6.00.107.x
php_fusion / php_fusion 6.00.303 6.00.303.x
php_fusion / php_fusion 6.00.104 6.00.104.x
php_fusion / php_fusion 6.00.100 6.00.100.x
php_fusion / php_fusion 6.00.108 6.00.108.x
php_fusion / php_fusion 6.00.207 6.00.207.x
php_fusion / php_fusion 6.00.200 6.00.200.x
php_fusion / php_fusion 6.00.110 6.00.110.x
php_fusion / php_fusion 6.00.102 6.00.102.x
php_fusion / php_fusion 6.00.205 6.00.205.x
php_fusion / php_fusion 6.00.109 6.00.109.x
php_fusion / php_fusion 6.00.206 6.00.206.x
php_fusion / php_fusion 6.00.204 6.00.204.x
php_fusion / php_fusion 6.00.300 6.00.300.x