3 matches found
CVE-2006-4224
Cross-site scripting XSS vulnerability in calendar.php in Virtual War VWar 1.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the year parameter. NOTE: The page parameter vector is covered by CVE-2006-4009...
CVE-2006-4224
Cross-site scripting XSS vulnerability in calendar.php in Virtual War VWar 1.5.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the year parameter. NOTE: The page parameter vector is covered by CVE-2006-4009...
CVE-2006-4224
CVE-2006-4224 is an XSS vulnerability in Virtual War (VWar) calendar.php affecting VWar 1.5.0 and earlier. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the year parameter. The CVE also notes that the page parameter vector is covered by CVE-2006-4009. No fur...