CVE-2006-0806
EPSS 12.6%
Description
Multiple cross-site scripting (XSS) vulnerabilities in ADOdb 4.71, as used in multiple packages such as phpESP, allow remote attackers to inject arbitrary web script or HTML via (1) the next_page parameter in adodb-pager.inc.php and (2) other unspecified vectors related to PHP_SELF.
How to fix CVE-2006-0806
To remediate CVE-2006-0806, upgrade the affected package to a fixed version below.
- Debian/cacti—upgrade to 0.8.6d-1 or later
- Debian/libphp-adodb—upgrade to 4.72-0.1 or later
Is CVE-2006-0806 being exploited?
Moderate — EPSS is 12.6%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 0.8.6d-1
- from 0, < 4.72-0.1