CVE-2006-3571
published 2006-07-13CVE-2006-3571: Multiple cross-site scripting (XSS) vulnerabilities in interna/hilfe.php in Papoo 3 RC3 and earlier allow remote attackers to inject arbitrary web script or…
PriorityP416low2.6CVSS 2.0
AVNACHAuNCNIPAN
EXPLOIT
EPSS
2.40%
81.9th percentile
Multiple cross-site scripting (XSS) vulnerabilities in interna/hilfe.php in Papoo 3 RC3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) titel or (2) ausgabe parameters.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| papoo | papoo | — | — |
| papoo | papoo | — | — |
| papoo | papoo | — | — |
| papoo | papoo_cms_light | <= 3.6 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-79wx-gv54-97wp: Multiple cross-site scripting (XSS) vulnerabilities in interna/hilfe
ghsa_unreviewed·2022-05-01
CVE-2006-3571 [LOW] CWE-79 GHSA-79wx-gv54-97wp: Multiple cross-site scripting (XSS) vulnerabilities in interna/hilfe
Multiple cross-site scripting (XSS) vulnerabilities in interna/hilfe.php in Papoo 3 RC3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) titel or (2) ausgabe parameters.
GHSA
GHSA-28xp-4g73-5mqv: Multiple cross-site scripting (XSS) vulnerabilities in Papoo Light 3
ghsa_unreviewed·2022-05-01·CVSS 2.6
CVE-2007-3269 [LOW] GHSA-28xp-4g73-5mqv: Multiple cross-site scripting (XSS) vulnerabilities in Papoo Light 3
Multiple cross-site scripting (XSS) vulnerabilities in Papoo Light 3.6 before 20070611 allow remote attackers to inject arbitrary web script or HTML via (1) the URI in a GET request or (2) the Title field of a visitor comment, and (3) allow remote authenticated users to inject arbitrary web script or HTML via a message to another user. NOTE: vector (2) might overlap CVE-2006-3571.1.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/20978http://securityreason.com/securityalert/1217http://securitytracker.com/id?1016461http://www.osvdb.org/27117http://www.securityfocus.com/archive/1/439518/100/0/threadedhttp://www.securityfocus.com/bid/18895http://www.vupen.com/english/advisories/2006/2713https://exchange.xforce.ibmcloud.com/vulnerabilities/27639https://www.exploit-db.com/exploits/1993http://secunia.com/advisories/20978http://securityreason.com/securityalert/1217http://securitytracker.com/id?1016461http://www.osvdb.org/27117http://www.securityfocus.com/archive/1/439518/100/0/threadedhttp://www.securityfocus.com/bid/18895http://www.vupen.com/english/advisories/2006/2713https://exchange.xforce.ibmcloud.com/vulnerabilities/27639https://www.exploit-db.com/exploits/1993
2006-07-13
Published