CVE-2006-1544 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in news.php in vscripts (aka Kuba Kunkiewicz) VNews 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) autorkomentarza and (2) tresckomentarza parameters.

Reference

http://secunia.com/advisories/19435 http://www.evuln.com/vulns/112 http://www.osvdb.org/24275 http://www.securityfocus.com/archive/1/430674/100/0/threaded http://www.securityfocus.com/bid/17317 http://www.vupen.com/english/advisories/2006/1173 https://exchange.xforce.ibmcloud.com/vulnerabilities/25530