CVE-2006-1854 Information
Description
LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks Multiple cross-site scripting (XSS) vulnerabilities in BluePay Manager 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML during a login action via the (1) Account Name and (2) Username field. NOTE: the vendor has disputed this vulnerability saying that \it does not exist currently in the Bluepay 2.0 product\ and older versions might not have been affected either. As of 20060512 CVE has not formally investigated this dispute.
Reference
http://pridels0.blogspot.com/2006/04/bluepay-manager-v20-script-insertion.html
Share on: