CVE-2006-2473

OpenWiki 0.78 - Cross-Site Scripting via p Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-2473. PoCs published by LiNuX_rOOt.

AI-analyzed exploit summary The provided text describes a cross-site scripting (XSS) vulnerability in Open Wiki 0.78, where user-supplied input is not properly sanitized. The issue allows arbitrary script execution in the context of the affected site, potentially leading to credential theft.

Description

Cross-site scripting (XSS) vulnerability in ow.asp in OpenWiki 0.78 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: this issue has been disputed by the vendor and a third party who is affiliated with the product. The vendor states "You cannot insert code in a wikipage or via URL parameters as they are all escaped before usage, so nothing can be compromised at other sites.

Exploits (1)

exploitdb WRITEUP VERIFIED
by LiNuX_rOOt · textwebappsasp
https://www.exploit-db.com/exploits/27890

The provided text describes a cross-site scripting (XSS) vulnerability in Open Wiki 0.78, where user-supplied input is not properly sanitized. The issue allows arbitrary script execution in the context of the affected site, potentially leading to credential theft.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Theoretical
Target: Open Wiki 0.78
No auth needed
Prerequisites: Access to a vulnerable Open Wiki instance
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/434295/100/0/threaded
Various Sources x_refsource_misc
http://www.openwiki.com/ow.asp?XssVulnerability
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/920
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/18013
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/26517
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/496294/100/0/threaded
Various Sources x_refsource_misc
http://www.openwiki.com/ow.asp?OpenWikiVulnerability

Scores

EPSS 0.0194
EPSS Percentile 77.7%

Details

Status published
Products (1)
openwiki/openwiki 0.78
Published May 19, 2006
Tracked Since Feb 18, 2026