PT-2007-1357 · Professional Home Page Tools · Professional Home Page Tools Login Script

Tamriel

Publicado

2007-02-27

Atualizado

2018-10-16

CVE-2006-7078

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Professional Home Page Tools Login Script (affected versions not specified)

Description The issue allows remote attackers to inject arbitrary web script or HTML via the name, vorname, and nachname parameters in the register script, potentially leading to cross-site scripting (XSS) attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-7078

Produtos afetados

Professional Home Page Tools Login Script

PT-2007-1357 · Professional Home Page Tools · Professional Home Page Tools Login Script

CVE-2006-7078

Identificadores relacionados

Produtos afetados

Referências · 7