Unrated severityNVD Advisory· Published Apr 20, 2006· Updated Apr 16, 2026

CVE-2006-1946

Description

Multiple cross-site scripting (XSS) vulnerabilities in Visale 1.0 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the keyval parameter in pbpgst.cgi, (2) the catsubno parameter in pblscg.cgi, and (3) the listno parameter in pblsmb.cgi.

Affected products

Visale/Visale
cpe:2.3:a:visale:visale:*:*:*:*:*:*:*:*
Range: <=1.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/19655nvdExploitVendor Advisory
www.osvdb.org/24716nvdExploit
www.osvdb.org/24717nvdExploit
www.osvdb.org/24718nvdExploit
www.securityfocus.com/bid/17598nvdExploit
pridels0.blogspot.com/2006/04/visale-xss-vuln.htmlnvd
www.vupen.com/english/advisories/2006/1408nvd
exchange.xforce.ibmcloud.com/vulnerabilities/25928nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000