CVE-2008-6700 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Butterfly Organizer 2.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) mytable parameter to view.php (2) mytable parameter to viewdb2.php (3) tablehere parameter to category-rename.php and (4) letter parameter to module-contacts.php.

Reference

http://www.securityfocus.com/bid/29700 https://exchange.xforce.ibmcloud.com/vulnerabilities/43066 https://www.exploit-db.com/exploits/5797