EUVD-2006-3242

Malware in sbrugna...

CVE-2006-3245

Affected software: mvnForum 1.0 GA and earlier. Vulnerability: multiple cross-site scripting (XSS) via the activatecode and member parameters of the activatemember script. Root cause/impact: input is not sanitized before dynamic content is generated, enabling arbitrary HTML/JavaScript execution i...

mvnForum activatemember Multiple Parameter XSS

The remote host is running mvnForum, an open source, forum application based on Java J2EE. The version of mvnForum installed on the remote host fails to sanitize user-supplied input to the 'activatecode' and 'member' parameters of the 'activatemember' script before using it to generate dynamic we...