CVE-2006-1971 | Vulnerability Database | Aqua Security

Cross-site scripting (XSS) vulnerability in login.php in KRANKIKOM ContentBoxX allows remote attackers to inject arbitrary web script or HTML via the action parameter.

Affected Software

Name	Vendor	Start Version	End Version
Contentboxx	Krankikom	*	*

References

http://secunia.com/advisories/19733
http://securityreason.com/securityalert/740
http://securityreason.com/securityalert/779
http://www.osvdb.org/24768
http://www.securityfocus.com/archive/1/431386/100/0/threaded
http://www.securityfocus.com/bid/17612
http://www.vupen.com/english/advisories/2006/1438
https://exchange.xforce.ibmcloud.com/vulnerabilities/25952
http://secunia.com/advisories/19733
http://securityreason.com/securityalert/740
http://securityreason.com/securityalert/779
http://www.osvdb.org/24768
http://www.securityfocus.com/archive/1/431386/100/0/threaded
http://www.securityfocus.com/bid/17612
http://www.vupen.com/english/advisories/2006/1438
https://exchange.xforce.ibmcloud.com/vulnerabilities/25952

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-1971
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html