2 matches found
CVE-2006-5239
Multiple cross-site scripting XSS vulnerabilities in eXpBlog 0.3.5 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the query string PHPSELF in kalender.php or 2 the captchasessioncode parameter in predetails.php...
CVE-2006-5239
CVE-2006-5239 documents multiple cross-site scripting (XSS) vulnerabilities in the PHP-based blog software eXpBlog (version 0.3.5 and earlier). The flaws permit remote attackers to inject arbitrary web script or HTML via two parameters: (1) the query string (PHP_SELF) in kalender.php, and (2) the...