CVE-2006-1427 Information

Feb 14, 2021 cve

Description

Multiple cross-site scripting (XSS) vulnerabilities in WebAPP 0.9.9.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) action (2) id (3) num (4) board (5) cat (6) real (7) viewcat (8) img or (9) curcatname parameter in cgi-bin/index.cgi or (10) vsSD parameter in /mods/calendar/index.cgi.

Reference

http://pridels0.blogspot.com/2006/03/webapp-multiple-xss-vuln.html http://secunia.com/advisories/19506 http://www.osvdb.org/24278 http://www.osvdb.org/24279 http://www.securityfocus.com/bid/17359 http://www.vupen.com/english/advisories/2006/1102 http://www.web-app.net/cgi-bin/index.cgi?action=downloadinfo&cat=pastversions&id=1 http://www.web-app.net/cgi-bin/index.cgi?action=redirectd&cat=pastversions&id=1 https://exchange.xforce.ibmcloud.com/vulnerabilities/25435

Share on: