CVE-2006-3795 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in DeluxeBB before 1.08 allow remote attackers to inject arbitrary web script or HTML via the (1) membercookie cookie in header.php and the (2) redirect parameter in misc.php.

Reference

http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/047989.html http://secunia.com/advisories/21116 http://securityreason.com/securityalert/1254 http://www.securityfocus.com/archive/1/440435/100/0/threaded http://www.securityfocus.com/bid/19052 http://www.vupen.com/english/advisories/2006/2879 https://exchange.xforce.ibmcloud.com/vulnerabilities/27836 https://exchange.xforce.ibmcloud.com/vulnerabilities/27837