Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2006-3327

EPSS 0.53% · P67
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-3327

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Custom dating biz dating script 1.0 allows remote attackers to inject arbitrary web script or HTML via the (1) sn20_special_cases parameter ("Special Cases" field) in profile/mini.php, (2) tyxx01_album_name parameter ("Album Name" field) in profile/photo_create.php, and the (3) u parameter in admin/user_view.php.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Custom dating biz dating script 多个跨站脚本攻击(XSS)漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Custom dating biz dating script 1.0中的跨站脚本攻击(XSS)漏洞,可让远程攻击者通过(1) profile/mini.php中的sn20_special_cases参数("特殊案例"字段)、(2) profile/photo_create.php中的tyxx01_album_name参数("相册名称"字段)和(3) admin/user_view.php中的u参数注入任意Web脚本或HTML。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2006-3327

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2006-3327

登录查看更多情报信息。

Same Patch Batch · n/a · 2006-06-30 · 21 CVEs total

CVE-2006-3334LibPNG 图形库块错误处理 缓冲区溢出漏洞
CVE-2006-3320SiteBar Command.PHP 跨站脚本攻击漏洞
CVE-2006-3319PHP iCalendar index.php 跨站脚本攻击(XSS)漏洞
CVE-2006-3321OpenForum openforum.asp 多个跨站注入漏洞
CVE-2006-3117OpenOffice 畸形XML文件格式 堆溢出漏洞
CVE-2006-2199OpenOffice Java Applet 访问控制绕过漏洞
CVE-2006-2198OpenOffice 任意宏执行漏洞
CVE-2006-3118Spread 套接字文件创建 拒绝服务漏洞
CVE-2006-3322phpRaid includes/functions_logging.php SQL注入漏洞
CVE-2006-2934Linux Kernel Netfilter SCTP conntrack 拒绝服务漏洞
CVE-2006-3323MF Piadas admin.php 远程文件包含漏洞
CVE-2006-3333Zorum Forum index.php 跨站脚本攻击(XSS)漏洞
CVE-2006-3332Zorum index.php 多个SQL注入漏洞
CVE-2006-3331Opera SSL证书 输入验证错误漏洞
CVE-2006-3330PHP/MySQL Classifieds AddAsset1.php 多个跨站脚本攻击(XSS)漏洞
CVE-2006-3329PHP/MySQL Classifieds search.php SQL注入漏洞
CVE-2006-3328Hostflow New_Ticket.CGI 跨站脚本攻击漏洞
CVE-2006-3326QuickZip 多个目录遍历漏洞
CVE-2006-3325Quake 3 client/cl_parse.c 输入验证漏洞
CVE-2006-3324id3 Quake 3 Engine/Icculus Quake 3 Engine "自动下载"选项 输入验证漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2006-3327

No comments yet

Leave a comment