CVE-2006-2696

Easy-content Forums - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) startletter parameter in userview.asp and the (2) catid parameter in topics.asp.

Exploits (1)

exploitdb WORKING POC

webappsasp

https://www.exploit-db.com/exploits/1834

View on exploitdb

References (3)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/435140/100/0/threaded

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/26803

[Third Party Advisory] http://securityreason.com/securityalert/997

Scores

EPSS 0.0073

EPSS Percentile 72.3%

Classification

Status draft

Affected Products (1)

easy-content_forums/easy-content_forums

Timeline

Published May 31, 2006

Tracked Since Feb 18, 2026