Vulnerabilities > CVE-2006-2687 - HTML Injection vulnerability in Agtc Websolutions PHP-Agtc Membership System 1.1A

047910
CVSS 4.9 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE

Summary

Cross-site scripting (XSS) vulnerability in adduser.php in PHP-AGTC Membership System 1.1a and earlier allows remote attackers to inject arbitrary web script or HTML via the email address (useremail parameter).

Vulnerable Configurations

Part Description Count
Application
Agtc_Websolutions
1