CVE-2006-7004

Cross-site scripting (XSS) vulnerability in email_request.php in PSY Auction allows remote attackers to inject arbitrary web script or HTML via the user_id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published : 2007-02-12 23:28 Updated : 2008-09-05 21:16

6.8
CVSS Score More info
Score 6.8 / 10
6.8
Vendor Product Version URI
Php Script Tools Psy Auction cpe:/a:php_script_tools:psy_auction
  1. Php Script Tools (1) Search CVE
    1. Psy Auction (1) Search CVE

CWE

There is no CWE for this CVE.

History of changes

Date Event
2007-02-12 23:28

New CVE