CVE-2006-1504

Arab Portal 2.0 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in Arab Portal 2.0 (aka Arab Dynamic Portal or ADP) stable allow remote attackers to inject arbitrary web script or HTML via the title parameter in (1) online.php and (2) download.php.

Exploits (2)

exploitdb WORKING POC VERIFIED

by o.y.6 · textwebappsphp

https://www.exploit-db.com/exploits/27500

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by o.y.6 · textwebappsphp

https://www.exploit-db.com/exploits/27501

View Code ZIP pw:eip

References (8)

Core 8

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/17285

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/673

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/1150

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/24220

Exploit, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/19445

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/24221

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/429109/100/0/threaded

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/25515

Scores

EPSS 0.0132

EPSS Percentile 80.0%

Details

Status published

Products (1)

arab_portal/arab_portal 2.0

Published Mar 30, 2006

Tracked Since Feb 18, 2026