CVE-2006-7078

2007-02-2718:00:00

mitre

www.cve.org

AI Score

Confidence

High

EPSS

0.006

Percentile

78.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Professional Home Page Tools Login Script, as of July 2006, allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) vorname, and (3) nachname parameters in the register script. NOTE: some details have been obtained from third party sources.

References

lists.grok.org.uk/pipermail/full-disclosure/2006-July/048194.html

secunia.com/advisories/21206

securityreason.com/securityalert/2329

www.securityfocus.com/archive/1/441194/100/0/threaded

www.vupen.com/english/advisories/2006/2981

exchange.xforce.ibmcloud.com/vulnerabilities/27967