CVE-2006-5106

Published Oct 3, 2006

Last updated 3 months ago

CVSS info 5.1

Overview

Description: Cross-site scripting (XSS) vulnerability in FacileForms before 1.4.7 for Mambo and Joomla!, when either register_globals or RG_EMULATION is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5.1
Impact score: 6.4
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D911590B-BE38-48B0-9724-26CEB3E158E9"
          },
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C56186B2-6E16-4965-B46A-3C84C0E408C2"
          },
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8ABA3EF6-6D6D-4763-AAB3-55C476E3BCEC"
          },
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4E80CE6-20DA-42B7-8B58-1CC4F9FE82B1"
          },
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F615AD6-F879-4D56-BD89-84CABE1CDC0E"
          },
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A2CE911-D07F-4FAF-A467-A917D886121F"
          },
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.2.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0153A7A1-9871-4264-B915-8858EE9CF1A1"
          },
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39308F0F-9E86-4CDA-9446-68A18B69C7B1"
          },
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE38570E-E3F6-4D25-A6CD-5BE2D1791E80"
          },
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4869E75-45C2-431B-A35B-833DE6CA9CEE"
          },
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "253C6E57-E600-4E32-99B9-6817840F4B6C"
          },
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3573DC7-2874-4200-8847-6E1DEDB6B211"
          },
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "519FEFAD-00EB-4D4A-BB98-E76E5A866E77"
          },
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.4.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C1E94AE-B499-4849-A482-D0FDCA0D1FDB"
          },
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.4.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4016AD92-891C-4EAF-AEC5-8559F96A85A4"
          },
          {
            "criteria": "cpe:2.3:a:facileforms:facileforms:1.4.6g:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D0C38DF-CDCD-48C5-8FD2-CB9BC3128D14"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References