CVE-2006-5530
Boesch It-consulting Simpnews < 2.34 - XSS
Title source: ruleDescription
Multiple cross-site scripting (XSS) vulnerabilities in Boesch SimpNews before 2.34.01 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/index.php, (2) admin/pwlost.php, and unspecified other files. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
https://www.exploit-db.com/exploits/28858
exploitdb
WORKING POC
VERIFIED
https://www.exploit-db.com/exploits/28859
Scores
EPSS
0.0043
EPSS Percentile
62.1%
Classification
CWE
CWE-79
Status
draft
Affected Products (4)
boesch_it-consulting/simpnews
< 2.34
boesch_it-consulting/simpnews
boesch_it-consulting/simpnews
boesch_it-consulting/simpnews
Timeline
Published
Oct 26, 2006
Tracked Since
Feb 18, 2026