CVE-2006-0101 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in sBLOG 0.7.1 Beta 20051202 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) p and (2) keyword parameters in (a) index.php and (b) search.php.

Reference

http://osvdb.org/ref/22/22373-sblog.txt http://www.osvdb.org/22373 http://www.osvdb.org/22374 http://www.vupen.com/english/advisories/2006/0041 https://exchange.xforce.ibmcloud.com/vulnerabilities/23979