CVE-2006-2518
CVE-2006-2518 affects phpWCMS 1.2.5-DEV where a crafted value in the BL[be_cnt_plainhtml] parameter is echoed into include/inc_tmpl/content/cnt6.inc.php, enabling cross-site scripting. The vulnerability originates from improper handling of user-supplied input in that parameter, leading to arbitra...