CVE-2006-6452 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in the MyArticles module before 0.6 beta 1 for RunCMS allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) topics.php (2) submit.php and (3) class/calendar.class.php.

Reference

http://sourceforge.net/project/shownotes.php?release_id=466097 http://www.vupen.com/english/advisories/2006/4777 https://exchange.xforce.ibmcloud.com/vulnerabilities/30618