Unrated severityNVD Advisory· Published Mar 19, 2006· Updated Jun 16, 2026
CVE-2006-1293
CVE-2006-1293
Description
Cross-site scripting (XSS) vulnerability in index.php in Contrexx CMS 1.0.8 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string (PHP_SELF).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:astalavista_it_engineering:contrexx:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:astalavista_it_engineering:contrexx:*:*:*:*:*:*:*:*range: <=1.0.8
- cpe:2.3:a:astalavista_it_engineering:contrexx:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:astalavista_it_engineering:contrexx:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:astalavista_it_engineering:contrexx:1.0.7:*:*:*:*:*:*:*
- Range: <=1.0.8
Patches
Vulnerability mechanics
References
9- soot.shabgard.org/Contrexx-CMS.txtnvdExploit
- www.securityfocus.com/bid/17128nvdExploit
- secunia.com/advisories/19294nvdVendor Advisory
- securityreason.com/securityalert/599nvd
- www.contrexx.comnvd
- www.contrexx.comnvd
- www.securityfocus.com/archive/1/428075/100/0/threadednvd
- www.vupen.com/english/advisories/2006/1013nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/25332nvd
News mentions
0No linked articles in our index yet.