Cross-site Scripting Vulnerability in PHP Script Index Affected by Arbitrary Code Injection
CVE-2006-1558

Currently unrated

Key Information:

Vendor: PHP
Status: PHP Script Index
Vendor: CVE Published:; 31 March 2006

What is CVE-2006-1558?

A cross-site scripting vulnerability exists in the PHP Script Index's search.php file that allows remote attackers to inject arbitrary web script or HTML through the search parameter. This means that when users interact with the affected application, their browsers might execute malicious scripts injected by attackers, enabling them to potentially steal sensitive information or manipulate user sessions.

References

http://www.vupen.com/english/advisories/2006/1158

vdb-entryx_refsource_VUPEN

http://www.osvdb.org/24243

vdb-entryx_refsource_OSVDB

http://secunia.com/advisories/19443

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Mar 31, 2006
Vulnerability Reserved
Mar 31, 2006