CVE-2006-2184 : Cross-site scripting (XSS) vulnerability in search.php in PHPKB Knowledge Base a

Cross-site scripting (XSS) vulnerability in search.php in PHPKB Knowledge Base allows remote attackers to inject arbitrary web script or HTML via the searchkeyword parameter. NOTE: the issue was originally disputed by the vendor, but on 20060519, the vendor notified CVE that "We have fixed all the mentioned issues and now the search section of PHPKB script is free from any XSS issues."

Published 2006-05-04 12:38:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Vulnerability category: Cross site scripting (XSS)

Products affected by CVE-2006-2184

Chadha Software Technologies » Phpkb Knowledge Base
Versions up to, including, (<=) 1.5
cpe:2.3:a:chadha_software_technologies:phpkb_knowledge_base:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2006-2184

EPSS FAQ

0.41%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 58 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2006-2184

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

References for CVE-2006-2184

Jump to

Vulnerability Details : CVE-2006-2184

Products affected by CVE-2006-2184

Exploit prediction scoring system (EPSS) score for CVE-2006-2184

CVSS scores for CVE-2006-2184

References for CVE-2006-2184