CVE-2006-2684 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2006-2684

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in the search module in CMS Mundo 1.0 allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter.

Affected Software

Name	Vendor	Start Version	End Version
Cms_mundo	Hotwebscripts	1.0 (including)	1.0 (including)

References

http://secunia.com/advisories/20296
http://securityreason.com/securityalert/994
http://www.securityfocus.com/archive/1/435017/100/0/threaded
http://www.securityfocus.com/bid/18316
http://www.vupen.com/english/advisories/2006/1981
https://exchange.xforce.ibmcloud.com/vulnerabilities/26695
http://secunia.com/advisories/20296
http://securityreason.com/securityalert/994
http://www.securityfocus.com/archive/1/435017/100/0/threaded
http://www.securityfocus.com/bid/18316
http://www.vupen.com/english/advisories/2006/1981
https://exchange.xforce.ibmcloud.com/vulnerabilities/26695