|
|
CVE Reference: CVE-2006-2545 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-2545 |
|
|
Description: Multiple cross-site scripting (XSS) vulnerabilities in Xtreme Topsites 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in stats.php and (2) unspecified inputs in lostid.php, probably the searchthis parameter. NOTE: one or more of these vectors might be resultant from SQL injection. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/26614 SREASON http://securityreason.com/securityalert/945 SAID Secunia Advisory: SA20192 OSVDB 25702 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/434568/100/0/threaded BID 18055 |
|
| Return to the previous page. |
