Unrated severityNVD Advisory· Published Feb 2, 2006· Updated Apr 16, 2026

CVE-2006-0521

Description

Cross-site scripting (XSS) vulnerability in results.php in BrowserCRM allows remote attackers to inject arbitrary web script or HTML via certain manipulations of the query parameter, as demonstrated using an IMG SRC tag.

Affected products

Browsercrm/Browsercrm
cpe:2.3:a:browsercrm:browsercrm:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/18658nvdVendor Advisory
securityreason.com/securityalert/393nvd
www.osvdb.org/22841nvd
www.securityfocus.com/archive/1/423546/100/0/threadednvd
www.securityfocus.com/bid/16435nvd
www.vupen.com/english/advisories/2006/0391nvd
exchange.xforce.ibmcloud.com/vulnerabilities/24390nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000