CVE-2006-6534
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2006-6534
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in osCommerce 3.0a3 allow remote attackers to inject arbitrary web script or HTML via the (1) set parameter to admin/modules.php, the (2) selected_box parameter to definitiva/admin/customers.php, the (3) lID parameter to admin/languages_definitions.php, or the (4) pID parameter to admin/products.php.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
OSCommerce 多个跨站脚本攻击漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
osCommerce 3.0a3存在多个跨站脚本攻击(XSS)漏洞,远程攻击者可以通过传给admin/modules.php的(1)set参数,传给definitiva/admin/customers.php的(2)selected_box参数,传给admin/languages_definitions.php的(3)lID参数,或者传给admin/products.php的(4)pID参数,来注入任意Web脚本或HTML。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2006-6534
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2006-6534
Please Login to view more intelligence information
Same Patch Batch · n/a · 2006-12-14 · 62 CVEs total
| CVE-2006-6521 | Messageriescripthp 'lire-avis.php'SQL注入漏洞 | |
| CVE-2006-5649 | Linux核心SPARC和PowerPC本地拒绝服务漏洞 | |
| CVE-2006-6508 | phpBB 未授消息权跨站请求伪造漏洞 | |
| CVE-2006-6107 | D-Bus 'signals.c'本地拒绝服务漏洞 | |
| CVE-2006-5875 | Enemies of Carlotta Shell参数命令执行漏洞 | |
| CVE-2006-6526 | Gizzar 'Index.php'远程文件包含漏洞 | |
| CVE-2006-6525 | EzHRS HR Assis 'vdateUsr.asp'SQL注入漏洞 | |
| CVE-2006-6524 | EzHRS HR Assist 'vdateUsr.asp' SQL注入漏洞 | |
| CVE-2006-6523 | CPanel BoxTrapper 'Manage.HTML'跨站脚本攻击漏洞 | |
| CVE-2006-6522 | WikiTimeScale TwoZero 多个跨站脚本攻击漏洞 | |
| CVE-2006-6527 | Gizzar 'guest.php'PHP远程文件包含漏洞 | |
| CVE-2006-6520 | Messageriescripthp 多个跨站脚本攻击(XSS)漏洞 | |
| CVE-2006-6519 | ProNews 'lire-avis.php'多个输入验证漏洞 | |
| CVE-2006-6518 | ProNews 多个跨站脚本攻击漏洞 | |
| CVE-2006-6517 | KDPics多个输入验证漏洞 | |
| CVE-2006-6516 | KDPics 多个PHP远程文件包含漏洞 | |
| CVE-2006-6515 | Mantis '$g_bug_reminder_threshold'未明攻击漏洞 | |
| CVE-2006-6514 | Winamp Web Interface 根目录远程访问漏洞 | |
| CVE-2006-6513 | Winamp Web Interface CControl::Download函数任意类型文件下载漏洞 | |
| CVE-2006-6512 | Winamp Web Interface '/browse URI'目录遍历漏洞 |
Showing top 20 of 62 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2006-6534
No comments yet