2 matches found
CVE-2006-3278
Cross-site scripting XSS vulnerability in H-Sphere 2.5.1 Beta 1 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 nexttemplate, 2 start, 3 currmenuid, and 4 arid parameters in psoft/servlet/resadmin/psoft.hsphere.CP when using the mailman/massmail.html...
CVE-2006-3278
CVE-2006-3278 is an XSS vulnerability in H-Sphere 2.5.1 Beta 1 and earlier. Triggered via parameters next_template, start, curr_menu_id, and arid in psoft/servlet/resadmin/psoft.hsphere.CP when using the mailman/massmail.html template_name, potentially allowing remote attackers to inject arbitrar...