Php · Php Fusebox · CVE-2006-0242
**Name of the Vulnerable Software and Affected Versions**
PHP Fusebox version 4.0.6
**Description**
A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the `fuseaction` parameter in the "index.php" file.
**Recommendations**
For PHP Fusebox version 4.0.6, consider restricting access to the `fuseaction` parameter in the "index.php" file to minimize the risk of exploitation.