CVE-2006-0208 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2006-0208 Interim 1 4 2023-07-03T02:18:42Z current 2021-05-30T12:34:46Z 2023-07-03T02:18:42Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2006-0208 Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-security-announce/2006-02/msg00019.html E-Mail link for SUSE-SR:2006:004 https://www.suse.com/support/security/rating/ SUSE Security Ratings Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message. CVE-2006-0208 low 2.6 AV:N/AC:H/Au:N/C:N/I:P/A:N