Published: 06/11/2006 Updated: 17/10/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 710

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Multiple cross-site scripting (XSS) vulnerabilities in ac4p Mobile allow remote malicious users to inject arbitrary web script or HTML via (1) Bloks, (2) Newnews, (3) lBlok, and (4) foooot parameter in (a) index.php; Newnews, (5) newmsgs, and Bloks parameter in (b) MobileNews.php; Newnews parameter in (c) polls.php; (6) cats parameter in (d) send.php; (7) footer parameter in (e) up.php; and (8) pagenav parameter in (f) cp/index.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ac4p ac4p mobile

source: wwwsecurityfocuscom/bid/20895/info Mobile is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site This m ...

source: wwwsecurityfocuscom/bid/20895/info Mobile is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site This ...

source: wwwsecurityfocuscom/bid/20895/info Mobile is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site ...

source: wwwsecurityfocuscom/bid/20895/info Mobile is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site Th ...

source: wwwsecurityfocuscom/bid/20895/info Mobile is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site ...

source: wwwsecurityfocuscom/bid/20895/info Mobile is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected si ...

NVD-CWE-Other http://www.securityfocus.com/bid/20895 http://www.osvdb.org/32046 http://www.osvdb.org/32047 http://www.osvdb.org/32048 http://www.osvdb.org/32049 http://www.osvdb.org/32050 http://www.osvdb.org/32051 https://exchange.xforce.ibmcloud.com/vulnerabilities/30007 http://www.securityfocus.com/archive/1/450496/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/28900/

CVE-2006-5770

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect