CVE-2006-3061

Name of the Vulnerable Software and Affected Versions 5 Star Review (affected versions not specified)

Description The issue allows remote attackers to inject arbitrary web script or HTML via several parameters, including the sort parameter in "index2.php", the item id parameter in "report.php", the search term parameter in "search reviews.php", the profile field in "usercp/profile edit1.php", and the review field in "review form.php".

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.