Lucene search

MitreCVELIST:CVE-2006-1397

HistoryMar 28, 2006 - 11:00 a.m.

CVE-2006-1397

2006-03-2811:00:00

mitre

www.cve.org

AI Score

5.8

Confidence

High

EPSS

0.005

Percentile

76.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in (a) phpAdsNew and (b) phpPgAds before 2.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) certain parameters to the banner delivery module, which is not properly handled in the administrator interface, or (2) certain parameters to the login form.

References

phpadsnew.com/two/nucleus/index.php?itemid=46

secunia.com/advisories/19384

securityreason.com/securityalert/633

securitytracker.com/id?1015828

securitytracker.com/id?1015829

sourceforge.net/project/shownotes.php?release_id=404963

sourceforge.net/project/shownotes.php?release_id=404964

www.osvdb.org/24205

www.osvdb.org/24206

www.securityfocus.com/archive/1/428898/100/0/threaded

www.securityfocus.com/bid/17251

www.vupen.com/english/advisories/2006/1107

exchange.xforce.ibmcloud.com/vulnerabilities/25458