CVE-2006-6479

Exploitation Summary

EIP tracks 5 public exploits for CVE-2006-6479. PoCs published by Mr_KaLiMaN.

AI-analyzed exploit summary The provided text describes a vulnerability in AnnonceScriptHP V2.0, specifically mentioning SQL injection and XSS vulnerabilities due to insufficient input validation. It includes a sample URL demonstrating an XSS attack vector but lacks executable exploit code.

Description

Multiple cross-site scripting (XSS) vulnerabilities in AnnonceScriptHP 2.0 allow remote attackers to inject arbitrary web script or HTML via the email parameter in (1) erreurinscription.php, (2) Templates/admin.dwt.php, (3) Templates/commun.dwt.php, (4) membre.dwt.php, and (5) admin/admin_config/Aide.php.

Exploits (5)

exploitdb WRITEUP VERIFIED

by Mr_KaLiMaN · textwebappsphp

https://www.exploit-db.com/exploits/29250

View Code ZIP pw:eip

The provided text describes a vulnerability in AnnonceScriptHP V2.0, specifically mentioning SQL injection and XSS vulnerabilities due to insufficient input validation. It includes a sample URL demonstrating an XSS attack vector but lacks executable exploit code.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Theoretical

Target: AnnonceScriptHP V2.0

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WRITEUP VERIFIED

by Mr_KaLiMaN · textwebappsphp

https://www.exploit-db.com/exploits/29247

View Code ZIP pw:eip

The provided text describes a vulnerability in AnnonceScriptHP V2.0, specifically XSS and SQL injection issues due to insufficient input validation. It includes a sample URL demonstrating the XSS vulnerability but lacks executable exploit code.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Theoretical

Target: AnnonceScriptHP V2.0

No auth needed

Prerequisites: Access to the vulnerable endpoint

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WRITEUP VERIFIED

by Mr_KaLiMaN · textwebappsphp

https://www.exploit-db.com/exploits/29249

View Code ZIP pw:eip

The provided text describes a vulnerability in AnnonceScriptHP V2.0, specifically mentioning SQL injection and XSS vulnerabilities due to insufficient input validation. It includes a sample URL demonstrating an XSS attack vector but lacks executable exploit code.

Classification

Writeup 80%

Attack Type

Xss

Complexity

Trivial

Reliability

Theoretical

Target: AnnonceScriptHP V2.0

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WRITEUP VERIFIED

by Mr_KaLiMaN · textwebappsphp

https://www.exploit-db.com/exploits/29248

View Code ZIP pw:eip

The provided text describes a vulnerability in AnnonceScriptHP V2.0, specifically XSS and SQL injection issues due to insufficient input sanitization. It includes a sample URL demonstrating the XSS vulnerability but lacks executable exploit code.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Theoretical

Target: AnnonceScriptHP V2.0

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WRITEUP VERIFIED

by Mr_KaLiMaN · textwebappsphp

https://www.exploit-db.com/exploits/29251

View Code ZIP pw:eip

The provided text describes a vulnerability in AnnonceScriptHP V2.0, specifically XSS and SQL injection due to insufficient input validation. It includes a sample URL for XSS exploitation but lacks actual exploit code.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Theoretical

Target: AnnonceScriptHP V2.0

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK