Описание
Cross-site scripting (XSS) vulnerability in (1) addWeblog.php and (2) leaveComments.php in Destiney Rated Images Script 0.5.0 does not properly filter all vulnerable HTML tags, which allows remote attackers to inject arbitrary web script or HTML via Javascript in a DIV tag.
Cross-site scripting (XSS) vulnerability in (1) addWeblog.php and (2) leaveComments.php in Destiney Rated Images Script 0.5.0 does not properly filter all vulnerable HTML tags, which allows remote attackers to inject arbitrary web script or HTML via Javascript in a DIV tag.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-2533
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26605
- http://secunia.com/advisories/20249
- http://securityreason.com/securityalert/940
- http://www.securityfocus.com/archive/1/434691/100/0/threaded
- http://www.securityfocus.com/archive/1/435093/100/0/threaded
- http://www.securityfocus.com/bid/18070
- http://www.vupen.com/english/advisories/2006/1927
EPSS
CVE ID
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in (1) addWeblog.php and (2) leaveComments.php in Destiney Rated Images Script 0.5.0 does not properly filter all vulnerable HTML tags, which allows remote attackers to inject arbitrary web script or HTML via Javascript in a DIV tag.
EPSS