CVE-2006-2637

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
30/05/2006
Last modified:
03/04/2025

Description

Cross-site scripting (XSS) vulnerability in view.php in TuttoPhp (1) Morris Guestbook 1, (2) Pretty Guestbook 1, and (3) Smile Guestbook 1 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element in the pagina parameter.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:tuttophp:morris_guestbook:*:*:*:*:*:*:*:*
cpe:2.3:a:tuttophp:pretty_guestbook:*:*:*:*:*:*:*:*
cpe:2.3:a:tuttophp:smile_guestbook:*:*:*:*:*:*:*:*