CVE-2006-6768

PWP Technologies The Classified Ad System - XSS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-6768. PoCs published by laurent gaffie.

AI-analyzed exploit summary The provided text describes SQL injection and XSS vulnerabilities in The Classified Ad System version 3.0, with example URLs demonstrating potential exploitation vectors. It lacks executable exploit code but outlines the attack surface.

Description

Multiple cross-site scripting (XSS) vulnerabilities in default.asp in PWP Technologies The Classified Ad System allow remote attackers to inject arbitrary web script or HTML via the (1) cat or (2) main parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by laurent gaffie · textwebappsasp
https://www.exploit-db.com/exploits/29141

The provided text describes SQL injection and XSS vulnerabilities in The Classified Ad System version 3.0, with example URLs demonstrating potential exploitation vectors. It lacks executable exploit code but outlines the attack surface.

Classification
Writeup 90%
Attack Type
Sqli | Xss
Complexity
Trivial
Reliability
Theoretical
Target: The Classified Ad System 3.0
No auth needed
Prerequisites: Network access to the target application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/30445
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/452194/100/200/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2075
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23289
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/21198

Scores

EPSS 0.0166
EPSS Percentile 73.6%

Details

Status published
Products (1)
pwp_technologies/the_classified_ad_system
Published Dec 27, 2006
Tracked Since Feb 18, 2026