CVE-2006-3769

Description

Multiple cross-site scripting (XSS) vulnerabilities in Top XL 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pass and (2) pass2 parameters in (a) add.php or the (3) id parameter in (b) members/index.php.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/27880

http://www.vupen.com/english/advisories/2006/2914

http://www.securityfocus.com/archive/1/440889/100/100/threaded

http://www.securityfocus.com/archive/1/440652/100/0/threaded

http://www.osvdb.org/27414

http://www.osvdb.org/27413

http://securitytracker.com/id?1016548

http://securityreason.com/securityalert/1267

http://secunia.com/advisories/21145

Details

Source: Mitre, NVD

Risk Information

CVSS v2

CVSS v3

EPSS