Unrated severityNVD Advisory· Published Mar 14, 2006· Updated Apr 16, 2026

CVE-2006-1233

Description

Multiple cross-site scripting (XSS) vulnerabilities in WMNews allow remote attackers to inject arbitrary web script or HTML via the (1) ArtCat parameter to wmview.php, (2) ctrrowcol parameter to footer.php, or (3) ArtID parameter to wmcomments.php.

Affected products

Mikael Software/Wmnews
cpe:2.3:a:mikael_software:wmnews:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

biyosecurity.be/bugs/wmnews.txtnvdExploit
www.securityfocus.com/bid/17076nvdExploit
secunia.com/advisories/19204nvdVendor Advisory
www.osvdb.org/23840nvd
www.osvdb.org/23841nvd
www.osvdb.org/23842nvd
www.securityfocus.com/archive/1/427479/100/0/threadednvd
www.vupen.com/english/advisories/2006/0939nvd
exchange.xforce.ibmcloud.com/vulnerabilities/25210nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000