{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-04-01T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in myPHP Guestbook 1.x through 2.0.0-r1 and before 2.0.1 RC5 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) email, (3) homepage, (4) id, (5) name, and (6) text parameters in (a) index.php, the (7) comment, (8) email, (9) homepage, (10) number, (11) name, and (12) text parameters in (b) admin/guestbook.php, and the (13) email, (14) homepage, (15) icq, (16) name, and (17) text parameters in (c) admin/edit.php."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.networkarea.ch/forum/topic.php?id=4&s=9106beea248ecd1a552439168ada227e"}, {"name": "20764", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/20764"}, {"name": "18582", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/18582"}, {"name": "myphp-guestbook-multiple-scripts-xss(27293)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27293"}, {"name": "ADV-2006-2480", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/2480"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2006-3063", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in myPHP Guestbook 1.x through 2.0.0-r1 and before 2.0.1 RC5 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) email, (3) homepage, (4) id, (5) name, and (6) text parameters in (a) index.php, the (7) comment, (8) email, (9) homepage, (10) number, (11) name, and (12) text parameters in (b) admin/guestbook.php, and the (13) email, (14) homepage, (15) icq, (16) name, and (17) text parameters in (c) admin/edit.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.networkarea.ch/forum/topic.php?id=4&s=9106beea248ecd1a552439168ada227e", "refsource": "CONFIRM", "url": "http://www.networkarea.ch/forum/topic.php?id=4&s=9106beea248ecd1a552439168ada227e"}, {"name": "20764", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/20764"}, {"name": "18582", "refsource": "BID", "url": "http://www.securityfocus.com/bid/18582"}, {"name": "myphp-guestbook-multiple-scripts-xss(27293)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27293"}, {"name": "ADV-2006-2480", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/2480"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T18:16:05.091Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.networkarea.ch/forum/topic.php?id=4&s=9106beea248ecd1a552439168ada227e"}, {"name": "20764", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/20764"}, {"name": "18582", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/18582"}, {"name": "myphp-guestbook-multiple-scripts-xss(27293)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27293"}, {"name": "ADV-2006-2480", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/2480"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-3063", "datePublished": "2006-06-19T10:00:00", "dateReserved": "2006-06-19T00:00:00", "dateUpdated": "2024-08-07T18:16:05.091Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "EEB92A38-41B3-4E8E-9396-340A4E9D01D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:1.8:*:*:*:*:*:*:*", "matchCriteriaId": "47132A18-64DD-4DA3-9130-71E1BF689F99", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:1.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "CE54EDCB-FDDD-4E4C-8AE4-2E2F2BA0B7F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:1.9:*:*:*:*:*:*:*", "matchCriteriaId": "E105BB6B-DFF8-40FF-8DE7-830908841263", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:1.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "5951406C-4460-42D2-B0AF-3BC5F0FD2738", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "8419132F-D109-446C-AD91-8694888A699C", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0-r1:*:*:*:*:*:*:*", "matchCriteriaId": "61D94A4B-8475-4BAA-8434-4B857E4CB188", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0_alpha:*:*:*:*:*:*:*", "matchCriteriaId": "97EE480B-D147-4C8B-AE90-70E6D9E166C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0_beta:*:*:*:*:*:*:*", "matchCriteriaId": "1D1537F6-92E9-413F-89E0-EE5011DBBE1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "5ADDFDFC-7AB4-4A7F-B75F-412A4165A5D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "8E3D6891-BF1F-4080-81E3-A5A75B54C16B", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0_rc3:*:*:*:*:*:*:*", "matchCriteriaId": "424B22E0-C10D-4413-9638-1C5F89F99902", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.0_rc4:*:*:*:*:*:*:*", "matchCriteriaId": "B1DB7E63-09E1-4BF6-A826-F1072BD2D7B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.1_beta:*:*:*:*:*:*:*", "matchCriteriaId": "324788C8-73BB-40FC-901D-C5DDA98541FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.1_rc1:*:*:*:*:*:*:*", "matchCriteriaId": "094BDBC2-4BBE-491C-8311-952508C41AA0", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.1_rc2:*:*:*:*:*:*:*", "matchCriteriaId": "181549D7-1F12-4483-AD6C-35DCC52EF22D", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.1_rc3:*:*:*:*:*:*:*", "matchCriteriaId": "843ADF77-4300-44B0-8490-FB4B6C1FBAFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:myphp_guestbook:myphp_guestbook:2.0.1_rc4:*:*:*:*:*:*:*", "matchCriteriaId": "BAB4501F-3C6E-4D56-B7A3-88D637137F1B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in myPHP Guestbook 1.x through 2.0.0-r1 and before 2.0.1 RC5 allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) email, (3) homepage, (4) id, (5) name, and (6) text parameters in (a) index.php, the (7) comment, (8) email, (9) homepage, (10) number, (11) name, and (12) text parameters in (b) admin/guestbook.php, and the (13) email, (14) homepage, (15) icq, (16) name, and (17) text parameters in (c) admin/edit.php."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de comandos en sitios cruzaods (XSS) en myPHP Guestbook v1.x hasta la v2.0.0-r1 y antes de v2.0.1 RC5 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de los par\u00e1metros (1) comment, (2) email, (3) homepage, (4) id, (5) name y (6) text in (a) index.php. Tambi\u00e9n los par\u00e1metros (7) comment, (8) email, (9) homepage, (10) number, (11) name and (12) text en (b) admin/guestbook.php, y por \u00faltimo los par\u00e1metros (13) email, (14) homepage, (15) icq, (16) name y (17) text en edit.php."}], "id": "CVE-2006-3063", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-06-19T10:02:00.000", "references": [{"source": "[email protected]", "url": "http://secunia.com/advisories/20764"}, {"source": "[email protected]", "url": "http://www.networkarea.ch/forum/topic.php?id=4&s=9106beea248ecd1a552439168ada227e"}, {"source": "[email protected]", "url": "http://www.securityfocus.com/bid/18582"}, {"source": "[email protected]", "url": "http://www.vupen.com/english/advisories/2006/2480"}, {"source": "[email protected]", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27293"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/20764"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.networkarea.ch/forum/topic.php?id=4&s=9106beea248ecd1a552439168ada227e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/18582"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/2480"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27293"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "[email protected]", "type": "Primary"}]}

{}