CVE-2006-2989 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2006-2989

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in listpics.asp in ASP ListPics 4.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the info parameter.

Affected Software

Name	Vendor	Start Version	End Version
Listpics	Iisworks	*	4.3 (including)

References

http://pridels0.blogspot.com/2006/06/asp-listpics-43-xss-vuln.html
http://secunia.com/advisories/20517
http://www.securityfocus.com/bid/18438
http://www.vupen.com/english/advisories/2006/2250
https://exchange.xforce.ibmcloud.com/vulnerabilities/27068
http://pridels0.blogspot.com/2006/06/asp-listpics-43-xss-vuln.html
http://secunia.com/advisories/20517
http://www.securityfocus.com/bid/18438
http://www.vupen.com/english/advisories/2006/2250
https://exchange.xforce.ibmcloud.com/vulnerabilities/27068