CVE-2006-4058 Information

Description

Cross-site scripting (XSS) vulnerability in archive.php in Simplog 0.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the keyw parameter when performing a search. NOTE: some details are obtained from third party information.

Reference

http://secunia.com/advisories/21390 http://securityreason.com/securityalert/1358 http://securitytracker.com/id?1016651 http://www.osvdb.org/27823 http://www.securityfocus.com/archive/1/442456/100/0/threaded http://www.vupen.com/english/advisories/2006/3186 https://exchange.xforce.ibmcloud.com/vulnerabilities/28266