CVE-2008-6924 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in register.php in eSyndiCat Directory 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) username (2) email (3) password (4) password2 (5) security_code and (6) register parameters.

Reference

http://packetstorm.linuxsecurity.com/0807-exploits/esyndicat-xss.txt http://secunia.com/advisories/31041 http://www.osvdb.org/46908 http://www.securityfocus.com/bid/30178 https://exchange.xforce.ibmcloud.com/vulnerabilities/43715