Описание
Multiple cross-site scripting (XSS) vulnerabilities in Milkeyway Captive Portal 0.1 and 0.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) ipAddress, (2) act, (3) username, and (4) unspecified other parameters in (a) authuser.php; and the (5) username and (6) unspecified other parameters in (b) userstatistics.php.
Multiple cross-site scripting (XSS) vulnerabilities in Milkeyway Captive Portal 0.1 and 0.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) ipAddress, (2) act, (3) username, and (4) unspecified other parameters in (a) authuser.php; and the (5) username and (6) unspecified other parameters in (b) userstatistics.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-1290
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25288
- http://secunia.com/advisories/19258
- http://securitytracker.com/id?1015778
- http://www.osvdb.org/23932
- http://www.osvdb.org/23933
- http://www.securityfocus.com/archive/1/427890/100/0/threaded
- http://www.securityfocus.com/bid/17127
- http://www.ush.it/team/ascii/hack-milkeway/advisory.txt
- http://www.ush.it/team/ascii/hack-milkeway/milkeyway.txt
- http://www.vupen.com/english/advisories/2006/0968
EPSS
CVE ID
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in Milkeyway Captive Portal 0.1 and 0.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) ipAddress, (2) act, (3) username, and (4) unspecified other parameters in (a) authuser.php; and the (5) username and (6) unspecified other parameters in (b) userstatistics.php.
EPSS