2 matches found
CVE-2006-6211
BirdBlog 1.4.0 is affected by multiple cross-site scripting (XSS) vulnerabilities. The issue allows remote attackers to inject arbitrary script or HTML via: (1) the msg parameter to admin/admincore.php, (2) the month parameter to admin/comments.php or admin/entries.php, and (3) the page parameter...
CVE-2006-6211
Multiple cross-site scripting XSS vulnerabilities in BirdBlog 1.4.0 allow remote attackers to inject arbitrary web script or HTML via the 1 msg parameter to a admin/admincore.php, the 2 month parameter to b admin/comments.php or c admin/entries.php, or the 3 page parameter to d admin/logs.php,...