CVE-2006-5605

Name of the Vulnerable Software and Affected Versions: phpCards version 1.3

Description: The issue allows remote attackers to inject arbitrary web script or HTML via the CardFontFace parameter and other unspecified parameters in the phpcards.footer.php file. This can lead to cross-site scripting (XSS) attacks.

Recommendations: For phpCards version 1.3, avoid using the CardFontFace parameter in the phpcards.footer.php file until a fix is available. Restrict access to the phpcards.footer.php file to minimize the risk of exploitation.