Cross-site scripting (XSS) vulnerability in index.php in Directory Listing Script allows remote attackers to inject arbitrary web script or…

CVSS

4.3

Medium

EPSS

0.01

p64

Published

2006-01-01

Updated

2006-01-01

Description

Cross-site scripting (XSS) vulnerability in index.php in Directory Listing Script allows remote attackers to inject arbitrary web script or HTML via the dir parameter.

Affected products

Directory_listing_script

CVSS vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Timeline

2006-01-01

Published

2006-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: M

Medium

Authentication

Au: N

None (N)

Confidentiality Impact

C: N

None (N)

Integrity Impact

I: P

Partial

Availability Impact

A: N

None (N)

Exploit indicators

EPSS

0.012 · p64

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected products

Php

Directory Listing Script

Product	Vendor	Status
directory_listing_script	*	Tracked

Source databases

CVE