Unrated severityNVD Advisory· Published Jun 30, 2006· Updated Jun 16, 2026
CVE-2006-3319
CVE-2006-3319
Description
Cross-site scripting (XSS) vulnerability in rss/index.php in PHP iCalendar 2.22 and earlier allows remote attackers to inject arbitrary web script or HTML via the cal parameter.
Affected products
2cpe:2.3:a:php_icalendar:php_icalendar:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:php_icalendar:php_icalendar:*:*:*:*:*:*:*:*range: <=2.22
- (no CPE)range: <=2.22
Patches
Vulnerability mechanics
References
7- kurdishsecurity.blogspot.com/2006/06/kurdish-security-12-php-icalendar.htmlnvdExploit
- securitytracker.com/idnvdExploit
- secunia.com/advisories/20883nvdVendor Advisory
- securityreason.com/securityalert/1175nvd
- www.securityfocus.com/archive/1/438621/100/0/threadednvd
- www.vupen.com/english/advisories/2006/2597nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/27448nvd
News mentions
0No linked articles in our index yet.