2 matches found
CVE-2006-7004
Cross-site scripting XSS vulnerability in emailrequest.php in PSY Auction allows remote attackers to inject arbitrary web script or HTML via the userid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2006-7004
The CVE-2006-7004 entry documents a Cross-site Scripting (XSS) vulnerability in the PSY Auction project, specifically in email_request.php, exploitable via the user_id parameter. The vulnerability description indicates that remote attackers can inject arbitrary web script or HTML, implying potent...