|
CVE Reference: CVE-2006-3333
|
|
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.
|
|
Original Page at CVE MITRE:
CVE-2006-3333
|
|
Description:
Cross-site scripting (XSS) vulnerability in index.php in Zorum Forum 3.5 allows remote attackers to inject web script or HTML via the multiple unspecified parameters, including the (1) frommethod, (2) list, and (3) method, which are reflected in an error message. NOTE: some of these vectors might be resultant from SQL injection.
|
|
CVE Status:
Candidate
|
|
References:
XF
http://xforce.iss.net/xforce/xfdb/19598
MISC
http://pridels.blogspot.com/2006/06/zorum-forum-35-vuln.html
|
|
|
Return to the previous page.
|
