Unrated severityNVD Advisory· Published Jun 2, 2006· Updated Jun 16, 2026

CVE-2006-2764

Description

Cross-site scripting (XSS) vulnerability in GuestbookXL 1.3 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in an IMG tag in a comment field to (1) guestwrite.php or (2) guestbook.php.

Affected products

Xander Ladage/Guestbookxl
cpe:2.3:a:xander_ladage:guestbookxl:1.3:*:*:*:*:*:*:*
Bg Guestbook/Bg Guestbookllm-fuzzy
Range: =1.3

Patches

Vulnerability mechanics

References

archives.neohapsis.com/archives/bugtraq/2006-05/0526.htmlnvd
securityreason.com/securityalert/1017nvd
exchange.xforce.ibmcloud.com/vulnerabilities/26689nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000