Unrated severityNVD Advisory· Published Apr 4, 2006· Updated Jun 16, 2026

CVE-2006-1603

Description

Cross-site scripting (XSS) vulnerability in profile.php in phpBB 2.0.19 allows remote attackers to inject arbitrary web script or HTML via the cur_password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

PhpBB/phpBB2 versions
cpe:2.3:a:phpbb_group:phpbb:2.0.19:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:phpbb_group:phpbb:2.0.19:*:*:*:*:*:*:*
- (no CPE)range: =2.0.19

Patches

Vulnerability mechanics

References

secunia.com/advisories/19494nvdVendor Advisory
osvdb.org/ref/24/24353-phpbb.txtnvd
www.osvdb.org/24353nvd
www.securityfocus.com/bid/17355nvd
www.vupen.com/english/advisories/2006/1191nvd
exchange.xforce.ibmcloud.com/vulnerabilities/25599nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000