Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in index.php in MP3 Search/Archive 1.2 allows remote attackers to inject arbitrary web script or HTML via the (1) keywords parameter, as used by the "search box", and (2) res parameter.
References 6 Total
- vupen.com: ADV-2006-2385 vdb-entry
- secunia.com: 20664 third-party-advisory
- exchange.xforce.ibmcloud.com: mp3-searcharchive-index-xss(27234) vdb-entry
- securityreason.com: 1112 third-party-advisory
- securityfocus.com: 20060615 MP3 Search/Archive v1.2 - XSS mailing-list
- osvdb.org: 26530 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 6 Total
- vupen.com: ADV-2006-2385 vdb-entryx_transferred
- secunia.com: 20664 third-party-advisoryx_transferred
- exchange.xforce.ibmcloud.com: mp3-searcharchive-index-xss(27234) vdb-entryx_transferred
- securityreason.com: 1112 third-party-advisoryx_transferred
- securityfocus.com: 20060615 MP3 Search/Archive v1.2 - XSS mailing-listx_transferred
- osvdb.org: 26530 vdb-entryx_transferred