CVE-2005-3308 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Zomplog 3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) comment parameter in detail.php (3) the username parameter in get.php and (4) the search parameter in index.php.

Reference

http://marc.info/?l=bugtraq&m=113019053831123&w=2 http://secunia.com/advisories/17306/ http://securitytracker.com/alerts/2005/Oct/1015088.html http://www.osvdb.org/20253 http://www.osvdb.org/20254 http://www.osvdb.org/20255 http://www.securityfocus.com/bid/15168 https://exchange.xforce.ibmcloud.com/vulnerabilities/22828