CVE-2006-2506
Sphider - XSS
Title source: ruleDescription
Multiple cross-site scripting (XSS) vulnerabilities in search.php in Sphider allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO and (2) the category parameter.
References (7)
Scores
EPSS
0.0219
EPSS Percentile
84.2%
Classification
CWE
CWE-79
Status
draft
Affected Products (4)
sphider/sphider
sphider/sphider
sphider/sphider
sphider/sphider
Timeline
Published
May 22, 2006
Tracked Since
Feb 18, 2026