CVE-2006-6520 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Messageriescripthp 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) pseudo parameter to (a) existepseudo.php the (2) email parameter to (b) existeemail.php or the (3) pageName or (4) cssform parameter to (c) Contact/contact.php.

Reference

http://secunia.com/advisories/23319 http://securityreason.com/securityalert/2026 http://www.securityfocus.com/archive/1/453965/100/0/threaded http://www.securityfocus.com/bid/21513 http://www.vupen.com/english/advisories/2006/4939 https://exchange.xforce.ibmcloud.com/vulnerabilities/30819