CVE-2006-2696

Easy-content Forums - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerabilities in Easy-Content Forums 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) startletter parameter in userview.asp and the (2) catid parameter in topics.asp.

Exploits (1)

exploitdb WORKING POC

webappsasp

https://www.exploit-db.com/exploits/1834

View Code ZIP pw:eip

References (3)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/435140/100/0/threaded

[Third Party Advisory] http://securityreason.com/securityalert/997

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/26803

Scores

EPSS 0.0073

EPSS Percentile 72.7%

Details

Status published

Products (1)

easy-content_forums/easy-content_forums 1.0

Published May 31, 2006

Tracked Since Feb 18, 2026