CVE-2006-4540
Learn.com LearnCenter - Cross-Site Scripting via id Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2006-4540. PoCs published by Crack_MaN.
AI-analyzed exploit summary The provided code is a writeup describing a cross-site scripting (XSS) vulnerability in Learn.com learncenter. It includes a proof-of-concept URL demonstrating the vulnerability but lacks executable exploit code.
Description
Cross-site scripting (XSS) vulnerability in learncenter.asp in Learn.com LearnCenter allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Crack_MaN · textwebappsphp
https://www.exploit-db.com/exploits/28466
The provided code is a writeup describing a cross-site scripting (XSS) vulnerability in Learn.com learncenter. It includes a proof-of-concept URL demonstrating the vulnerability but lacks executable exploit code.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
Learn.com learncenter
No auth needed
Prerequisites:
Access to the vulnerable application
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (7)
Core 7
Core References
Exploit, Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/444842
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/21716
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/28694
Exploit vdb-entry
x_refsource_osvdb
http://www.osvdb.org/28306
Third Party Advisory mailing-list
x_refsource_vim
http://www.attrition.org/pipermail/vim/2006-October/001093.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/3432
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/19781
Scores
EPSS
0.0215
EPSS Percentile
79.9%
Details
Status
published
Products (1)
learn.com/learncenter
Published
Sep 05, 2006
Tracked Since
Feb 18, 2026