3 matches found
TheWebForum register.php www Parameter XSS - Ver2 (CVE-2006-0134)
A cross-site scripting vulnerability has been reported in TheWebForum. The vulnerability is due to the application not validating the 'www' variable upon submission to the 'register.php' script. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web...
CVE-2006-0134
The CVE-2006-0134 vulnerability concerns TheWebForum (twf) version 1.2.1, specifically the register.php script. The issue is a cross-site scripting (XSS) flaw that accepts user input via the www parameter and does not sufficiently sanitize it, enabling remote attackers to inject arbitrary web scr...
CVE-2006-0134
Cross-site scripting XSS vulnerability in register.php in TheWebForum twf 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the www parameter...