CVE-2006-0152

This record documents a Cross-site Scripting (XSS) vulnerability in phpChamber 1.2 and earlier, exploitable via the needle parameter in search_result.php. The root cause is an input handling flaw that allows remote attackers to inject arbitrary web script or HTML, as described in the CVE entry. A...