2 matches found
CVE-2006-3974
Cross-site scripting XSS vulnerability in cgi-bin/admin in 3Com OfficeConnect Secure Router with firmware 1.04-168 allows remote attackers to inject arbitrary web script or HTML via the tk parameter...
CVE-2006-3974
CVE-2006-3974 affects 3Com OfficeConnect Secure Router firmware 1.04-168, where a cross-site scripting (XSS) flaw in the admin CGI (cgi-bin/admin) allows remote attackers to inject arbitrary web script or HTML via the tk parameter. The NVD entry records a CVSS v2 base score of 4.3 (Medium) with n...