Back to search
CVE-2006-3494
Published: Jul 10, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in Buddy Zone 1.0.1 allow remote attackers to inject arbitrary HTML and web script via the (1) cat_id parameter to (a) view_classifieds.php; (2) id parameter in (b) view_ad.php; (3) event_id parameter in (c) view_event.php, (d) delete_event.php, and (e) edit_event.php; and (4) group_id in (f) view_group.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1209
third-party-advisory
x_refsource_SREASON
26985
vdb-entry
x_refsource_OSVDB
26981
vdb-entry
x_refsource_OSVDB
26990
vdb-entry
x_refsource_OSVDB
26991
vdb-entry
x_refsource_OSVDB
26988
vdb-entry
x_refsource_OSVDB
buddy-zone-multiple-scripts-sql-injection(27514)
vdb-entry
x_refsource_XF
26989
vdb-entry
x_refsource_OSVDB
26982
vdb-entry
x_refsource_OSVDB
18759
vdb-entry
x_refsource_BID
26984
vdb-entry
x_refsource_OSVDB
26983
vdb-entry
x_refsource_OSVDB
26992
vdb-entry
x_refsource_OSVDB
20060630 Buddy Zone Version 1.0.1 - XSS
mailing-list
x_refsource_BUGTRAQ
26979
vdb-entry
x_refsource_OSVDB
20933
third-party-advisory
x_refsource_SECUNIA
26993
vdb-entry
x_refsource_OSVDB
20060715 Re: Buddy Zone Version 1.0.1 - XSS
mailing-list
x_refsource_BUGTRAQ
ADV-2006-2645
vdb-entry
x_refsource_VUPEN
26980
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now