CVE-2006-3160 Information

Description

Cross-site scripting (XSS) vulnerability in fm.php in ONEdotOH Simple File Manager (SFM) 0.24a and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Reference

http://secunia.com/advisories/20668 http://www.osvdb.org/26665 http://www.securityfocus.com/archive/1/437671/100/100/threaded http://www.securityfocus.com/bid/18534 http://www.vupen.com/english/advisories/2006/2435 https://exchange.xforce.ibmcloud.com/vulnerabilities/27306