CVE-2006-3260
published 2006-06-27CVE-2006-3260: Cross-site scripting (XSS) vulnerability in index.php in vlbook 1.02 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
PriorityP414medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.40%
69.1th percentile
Cross-site scripting (XSS) vulnerability in index.php in vlbook 1.02 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| virtual_design_studios | vlbook | — | — |
| virtual_design_studios | vlbook | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-2q7x-4q74-5fv4: Cross-site scripting (XSS) vulnerability in index
ghsa_unreviewed·2022-05-01
CVE-2006-3260 [MEDIUM] GHSA-2q7x-4q74-5fv4: Cross-site scripting (XSS) vulnerability in index
Cross-site scripting (XSS) vulnerability in index.php in vlbook 1.02 allows remote attackers to inject arbitrary web script or HTML via the message parameter.
GHSA
GHSA-2m5h-pc3m-x5gq: Cross-site scripting (XSS) vulnerability in index
ghsa_unreviewed·2022-05-01·CVSS 4.3
CVE-2008-2072 [MEDIUM] CWE-79 GHSA-2m5h-pc3m-x5gq: Cross-site scripting (XSS) vulnerability in index
Cross-site scripting (XSS) vulnerability in index.php in Virtual Design Studio vlbook 1.21 allows remote attackers to inject arbitrary web script or HTML via the l parameter, a different vector than CVE-2006-3260.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://colander.altervista.org/advisory/vlbook.txthttp://secunia.com/advisories/20776http://securityreason.com/securityalert/1150http://securitytracker.com/id?1016379http://www.securityfocus.com/archive/1/438146/100/0/threadedhttp://www.securityfocus.com/bid/18618http://www.vupen.com/english/advisories/2006/2505https://exchange.xforce.ibmcloud.com/vulnerabilities/27333http://colander.altervista.org/advisory/vlbook.txthttp://secunia.com/advisories/20776http://securityreason.com/securityalert/1150http://securitytracker.com/id?1016379http://www.securityfocus.com/archive/1/438146/100/0/threadedhttp://www.securityfocus.com/bid/18618http://www.vupen.com/english/advisories/2006/2505https://exchange.xforce.ibmcloud.com/vulnerabilities/27333
2006-06-27
Published