Cross-Site Scripting Vulnerabilities in Evo-Dev evoBlog
CVE-2006-1077

Currently unrated

Key Information:

Vendor: Evo-dev
Status: Evoblog
Vendor: CVE Published:; 9 March 2006

What is CVE-2006-1077?

Evo-Dev's evoBlog contains multiple cross-site scripting vulnerabilities that can be exploited by remote attackers. These vulnerabilities arise when attackers inject arbitrary web scripts or HTML through the 'name' parameter and other unspecified parameters. This lack of adequate input validation exposes users to potential attacks, allowing malicious scripts to execute in the context of users’ browsers, leading to unauthorized actions and data exposure. It is essential to address these vulnerabilities to safeguard web applications against XSS attacks.

References

http://www.securityfocus.com/bid/16983

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/426826/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/431869/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 9, 2006
Vulnerability Reserved
Mar 8, 2006

CVE-2006-1077 Data

JSON

Evo-dev

What is CVE-2006-1077?

References

Timeline