|
|
CVE Reference: CVE-2006-0894 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-0894 |
|
|
Description: Multiple cross-site scripting (XSS) vulnerabilities in NOCC Webmail 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the html_error_occurred parameter in error.php, (2) html_filter_select parameter in filter_prefs.php, (3) html_no_mail parameter in no_mail.php, the (4) page_line, (5) prev, and (6) next parameters in html_bottom_table.php, and the (7) _SESSION['nocc_theme'] parameter in footer.php. |
|
|
CVE Status: Candidate |
|
|
References: ST 1015671 SAID Secunia Advisory: SA16921 OSVDB 23427 23423 23424 23425 23426 MISC http://retrogod.altervista.org/noccw_10_incl_xpl.html BUGTRAQ http://archives.neohapsis.com/archives/bugtraq/2006-02/0418.html BID 16793 |
|
| Return to the previous page. |
