PT-2006-7448 · Ac4P · Ac4P Mobilelib Gold

Published

2006-12-31

Updated

2018-10-17

CVE-2006-6851

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: ac4p Mobilelib gold 2

Description: The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the email or errr parameter in the contact us.php file.

Recommendations: For ac4p Mobilelib gold 2, update the contact us.php file to properly sanitize user input for the email and errr parameters to prevent XSS attacks.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-6851

Affected Products

Ac4P Mobilelib Gold

PT-2006-7448 · Ac4P · Ac4P Mobilelib Gold

CVE-2006-6851

Related Identifiers

Affected Products

References · 6