2 matches found
CVE-2006-4442
CVE-2006-4442 is an XSS vulnerability in PHP iAddressBook prior to 0.95, exploitable via the cat_name parameter during category addition (categories field). The NVD entry lists a CVSSv2 base score of 6.8 (MEDIUM) with network attack vector and partial impact on confidentiality, integrity, and ava...
CVE-2006-4460
CVE-2006-4460 describes a Cross-site Scripting (XSS) vulnerability in PHP iAddressBook prior to 0.96. The flaw allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Affected software is PHP iAddressBook, version before 0.96; root cause is an XSS condition, but th...