2 matches found
CVE-2006-3494
Multiple cross-site scripting XSS vulnerabilities in Buddy Zone 1.0.1 allow remote attackers to inject arbitrary HTML and web script via the 1 catid parameter to a viewclassifieds.php; 2 id parameter in b viewad.php; 3 eventid parameter in c viewevent.php, d deleteevent.php, and e editevent.php;...
Buddy Zone Version 1.0.1 - XSS
Buddy Zone Version 1.0.1 Homepage: http://www.vastal.com/buddy-zone-social-networking-script.html Affected files: Sending invitations Profiles Blogs Journals Posting comments Posting in the forum Sending mail Creating a group viewsubforum.php viewpost.php viewclassifieds.php viewad.php...