Description

Cross-site scripting (XSS) vulnerability in (1) uploads.php and (2) "url links" in PmWiki 2.1.6 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Remediation

References

CVE-2006-2840

Related Vulnerabilities

WordPress Plugin WP-Forum SQL Injection (1.7.4)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-6939)

Contao Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-11512)

WordPress Plugin All in One SEO-Best WordPress SEO-Easily Improve SEO Rankings & Increase Traffic Cross-Site Scripting (2.3.7)

OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2005-2946)

Severity

Medium

Classification

CVE-2006-2840

Tags

Missing Update Known Vulnerabilities