Vulnerabilities > CVE-2006-1157 - HTML Injection vulnerability in ADP Forum Subject Field

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
adp
exploit available

Summary

Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the Subject field (possibly messaggio parameter) when posting a new message in post.php.

Vulnerable Configurations

Part Description Count
Application
Adp
1

Exploit-Db

descriptionADP Forum 2.0.x Subject Field HTML Injection Vulnerability. CVE-2006-1157. Webapps exploit for php platform
idEDB-ID:27379
last seen2016-02-03
modified2006-03-09
published2006-03-09
reporterliz0
sourcehttps://www.exploit-db.com/download/27379/
titleADP Forum 2.0.x Subject Field HTML Injection Vulnerability