CVE-2006-2687

Name of the Vulnerable Software and Affected Versions PHP-AGTC Membership System versions 1.1a and earlier

Description The issue concerns a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary web script or HTML via the useremail parameter in the adduser.php file.

Recommendations For PHP-AGTC Membership System versions 1.1a and earlier, consider validating and sanitizing user input for the useremail parameter to prevent XSS attacks. As a temporary workaround, restrict access to the adduser.php file until a patch is available.