CVE-2006-6996
CVE-2006-6996 concerns multiple XSS flaws in warforge.NEWS 1.0. The vulnerabilities allow remote attackers to inject arbitrary HTML or web script via parameters in two parts of the app: (a) newsadd.php (title and newspost) and (b) news.php (name, title, and comment). This is a separate vector set...