CVE-2006-1854

Multiple cross-site scripting XSS vulnerabilities in BluePay Manager 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML during a login action via the 1 Account Name and 2 Username field. NOTE: the vendor has disputed this vulnerability, saying that "it does not exist...

Cross site scripting

DISPUTED Multiple cross-site scripting XSS vulnerabilities in BluePay Manager 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML during a login action via the 1 Account Name and 2 Username field. NOTE: the vendor has disputed this vulnerability, saying that "it does not...

CVE-2006-1854

Multiple cross-site scripting XSS vulnerabilities in BluePay Manager 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML during a login action via the 1 Account Name and 2 Username field. NOTE: the vendor has disputed this vulnerability, saying that "it does not exist...

CVE-2006-1854

The CVE-2006-1854 entry describes multiple XSS vulnerabilities in BluePay Manager 2.0 and earlier, allowing remote attackers to inject arbitrary script/HTML during login via the Account Name and Username fields. The vendor disputes the vulnerability, stating it may not exist in BluePay 2.0 and th...

PT-2006-2844 · Bluepay · Bluepay Manager

Name of the Vulnerable Software and Affected Versions: BluePay Manager versions 2.0 and earlier Description: The issue allows remote attackers to inject arbitrary web script or HTML during a login action via the Account Name and Username fields. The vendor has disputed this issue, stating it does...

BluePay Manager v2.0 Script Insertion Vulnerability

BluePay Manager v2.0 Script Insertion Vulnerability Vuln. discovered by : r0t Date: 18 april 2006 vendor:bluepay.com affected versions:v2.0 and previous orginal advisory: http://pridels.blogspot.com/2006/04/bluepay-manager-v20-script-insertion.html Vuln. description: Input passed to the "Account...