|
|
CVE Reference: CVE-2006-5626 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-5626 |
|
|
Description: Cross-site scripting (XSS) vulnerability in cms_images/js/htmlarea/htmlarea.php in phpFaber Content Management System (CMS) before 1.3.36 on 20061026 allows remote attackers to inject arbitrary web script or HTML, probably via arbitrary parameters in the query string, as demonstrated with a vigilon parameter. NOTE: earlier downloads of 1.3.36 have the vulnerability; the software was updated without changing the version number. |
|
|
CVE Status: Candidate |
|
|
References: SREASON http://securityreason.com/securityalert/1802 SAID Secunia Advisory: SA22629 MISC http://www.vigilon.com/advisories/vg-phpfaber-24-10-2006.txt http://www.vigilon.com/resources/102506c.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/449894/100/0/threaded BID 20821 |
|
| Return to the previous page. |
