VDB
CVE-2006-0208
CVE-2006-0208
PUBLISHED
CVSS 2.5999999046325684 LOW
Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message.
EPSS 2.73% · 86.2th percentile
Risk Scores
CVSS 2.0
2.5999999046325684
EPSS Score
2.73%
86.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| php | php | 4.0, 4.0.5, 4.0.4 |
| n/a | n/a | n/a |
Exploit Intelligence
- 19355 (circl)
- 21252 (circl)
- USN-261-1 (circl)
- SUSE-SR:2006:004 (circl)
- 18431 (circl)
- 20222 (circl)
- 20210 (circl)
- ADV-2006-0369 (circl)
- http://support.avaya.com/elmodocs2/security/ASA-2006-160.htm (circl)
- ADV-2006-0177 (circl)
…and 19 more exploits
Timeline
- Jan 13, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Dec 22, 2023 EPSS Score
References
- 19355 third-party-advisory
- 21252 third-party-advisory
- USN-261-1 vendor-advisory
- SUSE-SR:2006:004 vendor-advisory
- 18431 third-party-advisory
- 20222 third-party-advisory
- 20210 third-party-advisory
- ADV-2006-0369 vdb
- http://support.avaya.com/elmodocs2/security/ASA-2006-160.htm url
- ADV-2006-0177 vdb
- RHSA-2006:0276 vendor-advisory
- 19179 third-party-advisory
- GLSA-200603-22 vendor-advisory
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=178028 url
- RHSA-2006:0501 vendor-advisory
- RHSA-2006:0549 vendor-advisory
- 18697 third-party-advisory
- 20951 third-party-advisory
- http://support.avaya.com/elmodocs2/security/ASA-2006-129.htm url
- 19832 third-party-advisory
…and 11 more