CVE-2006-3769

N/A Unknown

Published: July 24, 2006 Modified: April 16, 2026

Description

Multiple cross-site scripting (XSS) vulnerabilities in Top XL 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pass and (2) pass2 parameters in (a) add.php or the (3) id parameter in (b) members/index.php.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/21145

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/1267

Source: cve@mitre.org

http://securitytracker.com/id?1016548

Source: cve@mitre.org

http://www.majorsecurity.de/advisory/major_rls22.txt

Source: cve@mitre.org

Exploit Vendor Advisory

http://www.osvdb.org/27413

Source: cve@mitre.org

http://www.osvdb.org/27414

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/440652/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/440889/100/100/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/19098

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2006/2914

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/27880

Source: cve@mitre.org

http://secunia.com/advisories/21145