Description

Cross-site scripting (XSS) vulnerability in modules/wfdownloads/newlist.php in XOOPS 1.0 allows remote attackers to inject arbitrary web script or HTML via the newdownloadshowdays parameter.

Remediation

References

CVE-2006-5810

Related Vulnerabilities

Moodle Improper Input Validation Vulnerability (CVE-2011-4582)

WordPress Plugin Social Sharing-Sassy Social Share Cross-Site Scripting (3.3.44)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8644)

WordPress Plugin Asset CleanUp:Page Speed Booster Multiple Vulnerabilities (1.3.6.6)

WordPress Plugin Nokia Maps & Places Cross-Site Scripting (1.6.6)

Severity

Medium

Classification

CVE-2006-5810

Tags

Missing Update Known Vulnerabilities