CVE-2006-1504

Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 (aka Arab Dynamic Portal or ADP) stable allow remote attackers to inject arbitrary web script or HTML via the title parameter in (1) online.php and (2) download.php.

Published: Mar 30, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-1504
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
arab_portal / arab_portal	2.0	2.0.x

http://secunia.com/advisories/19445
http://securityreason.com/securityalert/673
http://www.osvdb.org/24220
http://www.osvdb.org/24221
http://www.securityfocus.com/archive/1/429109/100/0/threaded
http://www.securityfocus.com/bid/17285
http://www.vupen.com/english/advisories/2006/1150
https://exchange.xforce.ibmcloud.com/vulnerabilities/25515

Vulnerability Database

290,301

CVE-2006-1504