2 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in auth.w2b in W2B Online Banking allows remote attackers to inject arbitrary web script or HTML via the adtype parameter, a different vector than CVE-2006-1980...
CVE-2006-1980
CVE-2006-1980 is an XSS vulnerability in W2B Online Banking. The vulnerability allows remote attackers to inject arbitrary script via (1) query string, (2) SID parameter, or (3) ilang parameter. The NVD entry reports a CVSS v2.0 base score of 2.6 (low) with Network attack vector, high attack comp...