QwikSec

Security Database

CVE

CWE

Training

CVE-2008-6891

Published: Aug 3, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple cross-site scripting (XSS) vulnerabilities in ASP Forum Script allow remote attackers to inject arbitrary web script or HTML via the (1) forum_id parameter to (a) new_message.asp and (b) messages.asp, and the (2) query string to default.asp.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

aspforum-messages-newmessage-xss(47002)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_BID

http://packetstormsecurity.org/0812-exploits/aspforum-cmsqlxss.txt

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.