CVE-2006-2672

Name of the Vulnerable Software and Affected Versions Realty Pro One (affected versions not specified)

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via several parameters, including the listingid parameter to "/images.php", "/index other.php", or "/request info.php", the propertyid parameter to "/searchlookup.php", the id parameter to "/images.php", or the agentid parameter to "/request info.php". Some of these issues might be resultant from SQL injection.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.