CVE-2006-3320

Published: Jun 30, 2006Modified: Apr 16, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in command.php in SiteBar 3.3.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the command parameter.

Affected (7)

Products: Sitebar: Sitebar

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Sitebar Sitebar	Up to 3.3.8
Sitebar Sitebar	Version 3.3.2
Sitebar Sitebar	Version 3.3.3
Sitebar Sitebar	Version 3.3.4
Sitebar Sitebar	Version 3.3.5
Sitebar Sitebar	Version 3.3.6
Sitebar Sitebar	Version 3.3.7

References (26)

http://kurdishsecurity.blogspot.com/2006/06/kurdish-security-11-sitebar-cross-site.html

Source: cve@mitre.org

Exploit

http://secunia.com/advisories/20841

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/21248

Source: cve@mitre.org

http://securityreason.com/securityalert/1174

Source: cve@mitre.org

http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup

Source: cve@mitre.org

http://www.debian.org/security/2006/dsa-1130

Source: cve@mitre.org

http://www.osvdb.org/26869

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/438464/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/482499/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/18680

Source: cve@mitre.org

Exploit

http://www.securityfocus.com/bid/26126

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/2568

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/27421

Source: cve@mitre.org

http://kurdishsecurity.blogspot.com/2006/06/kurdish-security-11-sitebar-cross-site.html

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://secunia.com/advisories/20841

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/21248

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityreason.com/securityalert/1174

Source: af854a3a-2127-422b-91ae-364da2661108

http://teamforge.net/viewcvs/viewcvs.cgi/tags/release-3.3.9/doc/history.txt?view=markup

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2006/dsa-1130

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/26869

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/438464/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/482499/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/18680

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securityfocus.com/bid/26126

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/2568

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/27421

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.