Unrated severityNVD Advisory· Published Apr 21, 2006· Updated Apr 16, 2026
CVE-2006-1965
CVE-2006-1965
Description
Multiple cross-site scripting (XSS) vulnerabilities in aasi media Net Clubs Pro 4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) onuser, (2) pass, (3) chatsys, (4) room, (5) username, and (6) to parameters in (a) sendim.cgi; the (7) username parameter in (b) imessage.cgi; the (8) password parameter in (c) login.cgi; and the (9) cat_id parameter in (d) viewcat.cgi.
Affected products
1- cpe:2.3:a:aasi_media:net_clubs_pro:4.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- pridels0.blogspot.com/2006/04/net-clubs-pro-xss-vuln.htmlnvd
- secunia.com/advisories/19651nvd
- www.osvdb.org/24754nvd
- www.osvdb.org/24755nvd
- www.osvdb.org/24756nvd
- www.osvdb.org/24757nvd
- www.securityfocus.com/bid/17622nvd
- www.vupen.com/english/advisories/2006/1436nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/25957nvd
News mentions
0No linked articles in our index yet.