CVE-2006-1612 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in visview.php in aWebNews 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) yname (2) emailadd (3) subject and (4) comment parameters.

Reference

http://evuln.com/vulns/116/summary.html http://secunia.com/advisories/19487 http://securityreason.com/securityalert/707 http://www.osvdb.org/24333 http://www.securityfocus.com/archive/1/431007/100/0/threaded http://www.vupen.com/english/advisories/2006/1196 https://exchange.xforce.ibmcloud.com/vulnerabilities/25589