|
|
CVE Reference: CVE-2006-2227 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-2227 |
|
|
Description: Cross-site scripting (XSS) vulnerability in misc.php in PunBB 1.2.11 allows remote attackers to inject arbitrary web script or HTML via the req_message parameter, because the value of the redirect_url parameter is not sanitized. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/26245 SREASON http://securityreason.com/securityalert/849 SAID Secunia Advisory: SA19986 OSVDB 25256 CONFIRM http://www.punbb.org/download/hdiff/hdiff-1.2.11_to_1.2.12.html http://www.punbb.org/changelogs/1.2.11_to_1.2.12.txt BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/432950/100/0/threaded BID 17827 |
|
| Return to the previous page. |
