CVE-2006-2419
Directory Listing Script - Cross-Site Scripting via dir Parameter
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in index.php in Directory Listing Script allows remote attackers to inject arbitrary web script or HTML via the dir parameter.
References (3)
Core 3
Core References
Exploit x_refsource_misc
http://kiki91.altervista.org/exploit/dir.txt
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1803
Exploit, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/20118
Scores
EPSS
0.0034
EPSS Percentile
56.5%
Details
Status
published
Products (1)
php/directory_listing_script
Published
May 16, 2006
Tracked Since
Feb 18, 2026