← volver
CVE-2006-1642

CVE-2006-1642

EPSS 1.2%
Cross-site scripting (XSS) vulnerability in Interact 2.1.1 allows remote attackers to inject arbitrary web script or HTML via (1) the search_terms parameter to (a) search.php, and (2) the first_name, (3) last_name, (4) email, (5) password, and (6) confirm_password parameters to (b) userinput.php. NOTE: the provenance of this information is unknown; the details are obtained from third party. In addition, the lack of precision in the third party descriptions makes it unclear whether the named vectors are correct.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://secunia.com/advisories/19488https://exchange.xforce.ibmcloud.com/vulnerabilities/25652http://www.osvdb.org/24389http://www.osvdb.org/24461http://www.vupen.com/english/advisories/2006/1244