CVE-2004-2725 - Mystagogic Appellate

Description

Multiple cross-site scripting (XSS) vulnerabilities in Aztek Forum 4.0 allow remote attackers to inject arbitrary web script or HTML via (1) the search parameter in (a) search.php (2) the email parameter in (b) subscribe.php and (3) the return and (4) title parameters in (c) forum_2.php.

Reference

http://www.securityfocus.com/bid/11654 http://www.osvdb.org/11704 http://www.osvdb.org/11705 http://www.osvdb.org/11706 http://securitytracker.com/id?1012213 http://secunia.com/advisories/13202 https://exchange.xforce.ibmcloud.com/vulnerabilities/18057