QwikSec

Security Database

CVE

CWE

Training

CVE-2006-2184

Published: May 4, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in search.php in PHPKB Knowledge Base allows remote attackers to inject arbitrary web script or HTML via the searchkeyword parameter. NOTE: the issue was originally disputed by the vendor, but on 20060519, the vendor notified CVE that "We have fixed all the mentioned issues and now the search section of PHPKB script is free from any XSS issues."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20060512 Vendor dispute of CVE-2006-2184

mailing-list

x_refsource_VIM

vdb-entry

x_refsource_VUPEN

20060519 Resolved PHPKB vendor dispute (CVE-2006-2184)

mailing-list

x_refsource_VIM

http://d4igoro.blogspot.com/2006/05/phpkb-knowledge-base-xss.html

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.