CVE-2006-3358
CVE-2006-3358 describes multiple cross-site scripting (XSS) vulnerabilities in NewsPHP 2006 PRO, exploitable via the (1) words, (2) id, (3) cat_id, and (4) tim parameters in index.php. These inputs are returned in an error page without proper sanitization, enabling injection of arbitrary script/H...