CVE-2006-7078 Information

Feb 14, 2021 cve

Description

Multiple cross-site scripting (XSS) vulnerabilities in Professional Home Page Tools Login Script as of July 2006 allow remote attackers to inject arbitrary web script or HTML via the (1) name (2) vorname and (3) nachname parameters in the register script. NOTE: some details have been obtained from third party sources.

Reference

http://lists.grok.org.uk/pipermail/full-disclosure/2006-July/048194.html http://secunia.com/advisories/21206 http://securityreason.com/securityalert/2329 http://www.securityfocus.com/archive/1/441194/100/0/threaded http://www.vupen.com/english/advisories/2006/2981 https://exchange.xforce.ibmcloud.com/vulnerabilities/27967

Share on: