Vulnerabilities > CVE-2006-1157 - HTML Injection vulnerability in ADP Forum Subject Field
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in Vz Scripts ADP Forum 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the Subject field (possibly messaggio parameter) when posting a new message in post.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | ADP Forum 2.0.x Subject Field HTML Injection Vulnerability. CVE-2006-1157. Webapps exploit for php platform |
id | EDB-ID:27379 |
last seen | 2016-02-03 |
modified | 2006-03-09 |
published | 2006-03-09 |
reporter | liz0 |
source | https://www.exploit-db.com/download/27379/ |
title | ADP Forum 2.0.x Subject Field HTML Injection Vulnerability |