Cross-site scripting (XSS) vulnerability in index.php AlstraSoft E-Friends allows remote malicious users to inject arbitrary web script or HTML via the p_id parameter in a people_card action. NOTE: this might overlap CVE-2006-2564.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alstrasoft e-friends 4.0 |