CVE-2006-6022
published 2006-11-21CVE-2006-6022: Cross-site scripting (XSS) vulnerability in login_form.asp in BestWebApp Dating Site allows remote attackers to inject arbitrary web script or HTML via the msg…
PriorityP425medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
1.85%
76.5th percentile
Cross-site scripting (XSS) vulnerability in login_form.asp in BestWebApp Dating Site allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
BestWebApp Dating Site login_form.asp msg cross site scripting (EDB-29081 / XFDB-30396)
vuldb·2026-04-28·CVSS 6.8
CVE-2006-6022 [MEDIUM] BestWebApp Dating Site login_form.asp msg cross site scripting (EDB-29081 / XFDB-30396)
A vulnerability described as problematic has been identified in BestWebApp Dating Site. This affects an unknown function of the file login_form.asp. The manipulation of the argument msg results in basic cross site scripting.
This vulnerability is known as CVE-2006-6022. It is possible to launch the attack remotely. Furthermore, an exploit is available.
GHSA
GHSA-92rj-mc2g-8q4x: Cross-site scripting (XSS) vulnerability in login_form
ghsa_unreviewed·2022-05-01·CVSS 6.8
CVE-2008-0131 [MEDIUM] CWE-79 GHSA-92rj-mc2g-8q4x: Cross-site scripting (XSS) vulnerability in login_form
Cross-site scripting (XSS) vulnerability in login_form.asp in Instant Softwares Dating Site allows remote attackers to inject arbitrary web script or HTML via the msg parameter, a different product than CVE-2006-6022. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
GHSA
GHSA-jrh8-wqgg-7vhv: Cross-site scripting (XSS) vulnerability in login_form
ghsa_unreviewed·2022-05-01
CVE-2006-6022 [MEDIUM] GHSA-jrh8-wqgg-7vhv: Cross-site scripting (XSS) vulnerability in login_form
Cross-site scripting (XSS) vulnerability in login_form.asp in BestWebApp Dating Site allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/23017http://securityreason.com/securityalert/1898http://www.securityfocus.com/archive/1/451963/100/0/threadedhttp://www.securityfocus.com/bid/21158https://exchange.xforce.ibmcloud.com/vulnerabilities/30396http://secunia.com/advisories/23017http://securityreason.com/securityalert/1898http://www.securityfocus.com/archive/1/451963/100/0/threadedhttp://www.securityfocus.com/bid/21158https://exchange.xforce.ibmcloud.com/vulnerabilities/30396
2006-11-21
Published