Unrated severityNVD Advisory· Published Apr 10, 2006· Updated Apr 16, 2026
CVE-2006-0996
CVE-2006-0996
Description
Cross-site scripting (XSS) vulnerability in phpinfo (info.c) in PHP 5.1.2 and 4.4.2 allows remote attackers to inject arbitrary web script or HTML via long array variables, including (1) a large number of dimensions or (2) long values, which prevents HTML tags from being removed.
Affected products
4- osv-coords2 versionspkg:rpm/opensuse/php7&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/php8&distro=openSUSE%20Tumbleweed
< 7.4.24-1.1+ 1 more
- (no CPE)range: < 7.4.24-1.1
- (no CPE)range: < 8.0.11-1.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
34- cvs.php.net/viewcvs.cgi/php-src/ext/standard/info.cnvdPatch
- www.securityfocus.com/bid/17362nvdExploit
- secunia.com/advisories/19599nvdVendor Advisory
- secunia.com/advisories/19775nvdVendor Advisory
- secunia.com/advisories/19832nvdVendor Advisory
- secunia.com/advisories/19979nvdVendor Advisory
- secunia.com/advisories/20052nvdVendor Advisory
- secunia.com/advisories/20210nvdVendor Advisory
- secunia.com/advisories/20222nvdVendor Advisory
- secunia.com/advisories/20951nvdVendor Advisory
- secunia.com/advisories/21125nvdVendor Advisory
- secunia.com/advisories/21252nvdVendor Advisory
- secunia.com/advisories/21564nvdVendor Advisory
- patches.sgi.com/support/free/security/advisories/20060501-01-U.ascnvd
- cvs.php.net/viewcvs.cgi/php-src/ext/standard/info.cnvd
- marc.infonvd
- rhn.redhat.com/errata/RHSA-2006-0276.htmlnvd
- rhn.redhat.com/errata/RHSA-2006-0549.htmlnvd
- security.gentoo.org/glsa/glsa-200605-08.xmlnvd
- securityreason.com/achievement_securityalert/34nvd
- securityreason.com/securityalert/675nvd
- securitytracker.com/idnvd
- support.avaya.com/elmodocs2/security/ASA-2006-129.htmnvd
- support.avaya.com/elmodocs2/security/ASA-2006-160.htmnvd
- www.mandriva.com/security/advisoriesnvd
- www.novell.com/linux/security/advisories/05-05-2006.htmlnvd
- www.osvdb.org/24484nvd
- www.php.net/ChangeLog-4.phpnvd
- www.redhat.com/support/errata/RHSA-2006-0501.htmlnvd
- www.ubuntu.com/usn/usn-320-1nvd
- www.vupen.com/english/advisories/2006/1290nvd
- www.vupen.com/english/advisories/2006/2685nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/25702nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10997nvd
News mentions
0No linked articles in our index yet.