CVE-2006-1889 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-1889
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-1889

Description: Cross-site scripting (XSS) vulnerability in the search action handler in index.php in Nils Asmussen (aka SCRIPTSOLUTION) Boardsolution 1.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the "Search for" item (keyword parameter).

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/25805 ST 1015948 SREASON http://securityreason.com/securityalert/718 http://securityreason.com/securityalert/766 SAID Secunia Advisory: SA19654 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/431072/100/0/threaded BID 17549

Return to the previous page.