QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2006-3484

Back to search

CVE-2006-3484

Published: Jul 10, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in ATutor before 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the (1) show_courses or (2) current_cat parameters to (a) admin/create_course.php, show_courses parameter to (b) users/create_course.php, (3) p parameter to (c) documentation/admin/, (4) forgot parameter to (d) password_reminder.php, (5) cat parameter to (e) users/browse.php, or the (6) submit parameter to admin/fix_content.php.

VendorProductVersions

n/a

n/a

affected
n/a

References

ADV-2006-2691
vdb-entry
x_refsource_VUPEN
27021
vdb-entry
x_refsource_OSVDB
20941
third-party-advisory
x_refsource_SECUNIA
27020
vdb-entry
x_refsource_OSVDB
27023
vdb-entry
x_refsource_OSVDB
27022
vdb-entry
x_refsource_OSVDB
18857
vdb-entry
x_refsource_BID
27019
vdb-entry
x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now