|
|
CVE Reference: CVE-2006-1397 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-1397 |
|
|
Description: Multiple cross-site scripting (XSS) vulnerabilities in (a) phpAdsNew and (b) phpPgAds before 2.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) certain parameters to the banner delivery module, which is not properly handled in the administrator interface, or (2) certain parameters to the login form. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/25458 ST 1015829 1015828 SREASON http://securityreason.com/securityalert/633 SAID Secunia Advisory: SA19384 OSVDB 24205 24206 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=404964 http://sourceforge.net/project/shownotes.php?release_id=404963 http://phpadsnew.com/two/nucleus/index.php?itemid=46 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/428898/100/0/threaded BID 17251 |
|
| Return to the previous page. |
