Back to search
CVE-2006-1965
Published: Apr 21, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in aasi media Net Clubs Pro 4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) onuser, (2) pass, (3) chatsys, (4) room, (5) username, and (6) to parameters in (a) sendim.cgi; the (7) username parameter in (b) imessage.cgi; the (8) password parameter in (c) login.cgi; and the (9) cat_id parameter in (d) viewcat.cgi.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
24757
vdb-entry
x_refsource_OSVDB
http://pridels0.blogspot.com/2006/04/net-clubs-pro-xss-vuln.html
x_refsource_MISC
24754
vdb-entry
x_refsource_OSVDB
ADV-2006-1436
vdb-entry
x_refsource_VUPEN
17622
vdb-entry
x_refsource_BID
netclubspro-multiple-xss(25957)
vdb-entry
x_refsource_XF
24755
vdb-entry
x_refsource_OSVDB
24756
vdb-entry
x_refsource_OSVDB
19651
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now