CVE-2006-3571

Published: Jul 13, 2006Modified: Apr 16, 2026

2.6

Vector

AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability: 4.9 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in interna/hilfe.php in Papoo 3 RC3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) titel or (2) ausgabe parameters.

Affected (3)

Products: Papoo: Papoo

Papoo

1 product

Papoo

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Papoo Papoo	Version 2.1.2
Papoo Papoo	Version 2.1.5
Papoo Papoo	Version 3.0.0_rc3

Related CWEs

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (18)

http://secunia.com/advisories/20978

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/1217

Source: cve@mitre.org

http://securitytracker.com/id?1016461

Source: cve@mitre.org

Exploit

http://www.osvdb.org/27117

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/439518/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/18895

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2006/2713

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/27639

Source: cve@mitre.org

https://www.exploit-db.com/exploits/1993

Source: cve@mitre.org

http://secunia.com/advisories/20978