CVE-2006-2956 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2006-2956

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Multiple cross-site scripting (XSS) vulnerabilities in i.List 1.5 beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) searchword parameter to search.php or (2) siteurl parameter to add.php.

Affected Software

Name	Vendor	Start Version	End Version
I.list	Skoom	*	1.5_beta (including)

References

http://secunia.com/advisories/20547
http://securitytracker.com/id?1016274
http://www.majorsecurity.de/advisory/major_rls10.txt
http://www.securityfocus.com/bid/18355
http://www.vupen.com/english/advisories/2006/2252