Description
Cross-site scripting (XSS) vulnerability in index.php in Aweb Banner Generator 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the banner parameter in view mode.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by benozor77 · textwebappsphp
https://www.exploit-db.com/exploits/27582
References (5)
Core 5
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/17416
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/25782
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1348
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/19621
Exploit vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1015877
Scores
EPSS
0.0053
EPSS Percentile
67.4%
Details
Status
published
Products (1)
aweb/banner_generator
< 3.0
Published
Apr 11, 2006
Tracked Since
Feb 18, 2026