CVE-2006-1417 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Caloris Planitia Online Quiz System (aka Web Quiz pro) possibly 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) exam parameter in prequiz.asp or (2) msg parameter in student.asp.

Reference

http://pridels0.blogspot.com/2006/03/web-quiz-pro-xss-vuln.html http://secunia.com/advisories/19416 http://www.osvdb.org/24129 http://www.osvdb.org/24130 http://www.securityfocus.com/bid/17255 http://www.vupen.com/english/advisories/2006/1091 https://exchange.xforce.ibmcloud.com/vulnerabilities/25431