CVE-2006-4500 Information

Description

Cross-site scripting (XSS) vulnerability in index.php in ezPortal/ztml CMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) about (2) again (3) lastname (4) email (5) password (6) album (7) id (8) table (9) desc (10) doc (11) mname (12) max (13) htpl (14) pheader and possibly other parameters.

Reference

http://securityreason.com/securityalert/1481 http://www.securityfocus.com/archive/1/444743/100/0/threaded http://www.securityfocus.com/bid/19759 https://exchange.xforce.ibmcloud.com/vulnerabilities/28666