CVE-2006-2048 Information

Feb 14, 2021 cve

Description

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Edwin van Wijk phpWebFTP 2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) port (2) server and (3) user parameters. NOTE: it is possible that the affected version is actually 3.2.

Reference

http://secunia.com/advisories/19827 http://securityreason.com/securityalert/786 http://www.osvdb.org/24975 http://www.securityfocus.com/archive/1/431985/100/0/threaded http://www.securityfocus.com/bid/17688 http://www.subjectzero.net/research/phpwebftpxss.htm http://www.vupen.com/english/advisories/2006/1530 https://exchange.xforce.ibmcloud.com/vulnerabilities/26067

Share on: