CVE-2006-6389 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in ac4p Mobile allow remote attackers to inject arbitrary web script or HTML via the (1) Taaa parameter to (a) up.php or the (2) pollhtml and (3) Bloks parameters to (b) polls.php different vectors than CVE-2006-5770.

Reference

http://securityreason.com/securityalert/2018 http://www.osvdb.org/37047 http://www.osvdb.org/37048 http://www.securityfocus.com/archive/1/453428/100/0/threaded http://www.securityfocus.com/bid/21427