CVE-2006-1144 Information

Description

Cross-site scripting (XSS) vulnerability in HitHost 1.0.0 allows remote attackers to inject arbitrary web script or HTML via (1) the user parameter in deleteuser.php and (2) the hits parameter in viewuser.php.

Reference

http://secunia.com/advisories/19155 http://www.osvdb.org/23757 http://www.osvdb.org/23758 http://www.securityfocus.com/archive/1/426931/100/0/threaded http://www.securityfocus.com/bid/17025 http://www.vupen.com/english/advisories/2006/0886 https://exchange.xforce.ibmcloud.com/vulnerabilities/25105