CVE-2006-0122

Description

Cross-site scripting (XSS) vulnerability in Public/Index.asp in Aquifer CMS allows remote attackers to inject arbitrary web script or HTML via the Keyword parameter.

Affected products

• aquifer_cms / aquifer_cms

References

• MISChttp://attrition.org/pipermail/vim/2006-January/000509.html
• VENDOR_ADVISORYhttp://secunia.com/advisories/18326
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/0074
• MISChttp://osvdb.org/ref/22/22247-aquifer.txt
• MISChttp://www.securityfocus.com/bid/16162
• MISChttp://www.osvdb.org/22247