CVE-2006-0806
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2006-0806
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2006-0806.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2006-0806
- Downstream
- Published
- 2006-02-21T02:02:00Z
- Modified
- 2025-08-09T20:01:27Z
- Summary
- [none]
- Details
-
Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as used in multiple packages such as phpESP, allow remote attackers to inject arbitrary web script or HTML via (1) the nextpage parameter in adodb-pager.inc.php and (2) other unspecified vectors related to PHPSELF.
- References
-
- http://secunia.com/advisories/18928
- http://secunia.com/advisories/19555
- http://secunia.com/advisories/19590
- http://secunia.com/advisories/19591
- http://secunia.com/advisories/19691
- http://www.debian.org/security/2006/dsa-1029
- http://www.debian.org/security/2006/dsa-1030
- http://www.debian.org/security/2006/dsa-1031
- http://www.vupen.com/english/advisories/2006/0664
- http://www.vupen.com/english/advisories/2006/2021
- http://phpesp.cvs.sourceforge.net/phpesp/phpESP/admin/include/lib/adodb/adodb-pager.inc.php?r1=1.1&r2=1.2
- http://securityreason.com/securityalert/452
- http://sourceforge.net/project/shownotes.php?release_id=419843&group_id=8956
- http://www.gentoo.org/security/en/glsa/glsa-200604-07.xml
- http://www.gulftech.org/?node=research&article_id=00101-02182006
- http://www.osvdb.org/23362
- http://www.securityfocus.com/archive/1/425393/100/0/threaded
- http://www.securityfocus.com/bid/16720