CVE-2006-5037
published 2006-09-27CVE-2006-5037: MySource Matrix after 3.8 allows remote attackers to use the application as an HTTP proxy server via a MIME encoded URL in the sq_content_src parameter to…
PriorityP420medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
1.25%
65.7th percentile
MySource Matrix after 3.8 allows remote attackers to use the application as an HTTP proxy server via a MIME encoded URL in the sq_content_src parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that "The vendor does not consider this a vulnerability.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| squiz | mysource_matrix | — | — |
| squiz | mysource_matrix | — | — |
| squiz | mysource_matrix | — | — |
| squiz | mysource_matrix | — | — |
| squiz | mysource_matrix | — | — |
| squiz | mysource_matrix | — | — |
| squiz | mysource_matrix | — | — |
| squiz | mysource_matrix | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Squiz MySource Matrix 3.8 HTTP Proxy Server sq_content_src cross site scripting (SA22060)
vuldb·2026-04-23·CVSS 6.8
CVE-2006-5037 [MEDIUM] Squiz MySource Matrix 3.8 HTTP Proxy Server sq_content_src cross site scripting (SA22060)
A vulnerability has been found in Squiz MySource Matrix 3.8 and classified as problematic. This vulnerability affects unknown code of the component HTTP Proxy Server. This manipulation of the argument sq_content_src causes basic cross site scripting.
This vulnerability is tracked as CVE-2006-5037. The attack is possible to be carried out remotely. No exploit exists.
The presence of this vulnerability remains uncertain at this time.
GHSA
GHSA-723w-74pm-v4fj: ** DISPUTED ** MySource Matrix after 3
ghsa_unreviewed·2022-05-01
CVE-2006-5037 [MEDIUM] GHSA-723w-74pm-v4fj: ** DISPUTED ** MySource Matrix after 3
** DISPUTED ** MySource Matrix after 3.8 allows remote attackers to use the application as an HTTP proxy server via a MIME encoded URL in the sq_content_src parameter to access arbitrary sites with the server's IP address and conduct cross-site scripting (XSS) attacks. NOTE: the researcher reports that "The vendor does not consider this a vulnerability."
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/22060http://securityreason.com/securityalert/1635http://www.aushack.com/advisories/200607-mysourcematrix.txthttp://www.securityfocus.com/archive/1/446722/100/0/threadedhttp://secunia.com/advisories/22060http://securityreason.com/securityalert/1635http://www.aushack.com/advisories/200607-mysourcematrix.txthttp://www.securityfocus.com/archive/1/446722/100/0/threaded
2006-09-27
Published