Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in Default.asp in D2KBlog 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
References 7 Total
- securityfocus.com: 17035 vdb-entry
- securityreason.com: 559 third-party-advisory
- vupen.com: ADV-2006-0896 vdb-entry
- exchange.xforce.ibmcloud.com: d2kblog-default-msg-xss(25214) vdb-entry
- osvdb.org: 23771 vdb-entry
- securityfocus.com: 20060308 [KAPDA::#32] - d2kBlog 1.0.3 Multiple Vulnerabilities mailing-list
- secunia.com: 19177 third-party-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 7 Total
- securityfocus.com: 17035 vdb-entryx_transferred
- securityreason.com: 559 third-party-advisoryx_transferred
- vupen.com: ADV-2006-0896 vdb-entryx_transferred
- exchange.xforce.ibmcloud.com: d2kblog-default-msg-xss(25214) vdb-entryx_transferred
- osvdb.org: 23771 vdb-entryx_transferred
- securityfocus.com: 20060308 [KAPDA::#32] - d2kBlog 1.0.3 Multiple Vulnerabilities mailing-listx_transferred
- secunia.com: 19177 third-party-advisoryx_transferred