CVE-2006-0078 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in B-net Software 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) name and (2) shout variables to (a) shout.php or the (3) title and (4) message variables to (b) guestbook.php.

Reference

http://evuln.com/vulns/10/summary.html http://secunia.com/advisories/18271 http://securityreason.com/securityalert/316 http://sourceforge.net/project/shownotes.php?release_id=442067&group_id=117067 http://www.osvdb.org/22190 http://www.osvdb.org/22191 http://www.securityfocus.com/archive/1/420673/100/0/threaded http://www.securityfocus.com/archive/1/444320/100/0/threaded http://www.securityfocus.com/bid/16114 http://www.vupen.com/english/advisories/2006/0018