CVE-2006-0521

Published: Feb 2, 2006Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in results.php in BrowserCRM allows remote attackers to inject arbitrary web script or HTML via certain manipulations of the query parameter, as demonstrated using an IMG SRC tag.

Affected (1)

Products: Browsercrm: Browsercrm

Browsercrm

1 product

Browsercrm

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Browsercrm Browsercrm	All versions

References (14)

http://secunia.com/advisories/18658

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/393

Source: cve@mitre.org

http://www.osvdb.org/22841

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/423546/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/16435

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/0391

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/24390

Source: cve@mitre.org

http://secunia.com/advisories/18658