CVE-2006-2497 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in AspBB 0.5.2 allow remote attackers to inject arbitrary web script or HTML via the (1) action parameter to default.asp or (2) get parameter to profile.asp.

Reference

http://secunia.com/advisories/20175 http://securityreason.com/securityalert/926 http://www.osvdb.org/25650 http://www.osvdb.org/25651 http://www.securityfocus.com/archive/1/434370/100/0/threaded http://www.securityfocus.com/bid/18025 https://exchange.xforce.ibmcloud.com/vulnerabilities/26530