CVE-2006-1404 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in bol.cgi in BlankOL 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) file or (2) function parameter.

Reference

http://pridels0.blogspot.com/2006/03/blankol-xss-vuln.html http://secunia.com/advisories/19387 http://www.osvdb.org/24124 http://www.securityfocus.com/bid/17265 http://www.vupen.com/english/advisories/2006/1111 https://exchange.xforce.ibmcloud.com/vulnerabilities/25488