CVE-2006-6271 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in PHPOLL 0.96 allow remote attackers to inject arbitrary web script or HTML via the language parameter to (1) index.php (2) info.php; and (3) index.php (4) votanti.php (5) risultati_config.php (6) modifica_band.php (7) band_editor.php and (8) config_editor.php in admin/.

Reference

http://securityreason.com/securityalert/1960 http://www.securityfocus.com/archive/1/452093/100/200/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/30426