Unrated severityNVD Advisory· Published Jun 5, 2006· Updated Apr 16, 2026

CVE-2006-2810

Description

Multiple cross-site scripting (XSS) vulnerabilities in Belchior Foundry vCard 2.9 allow remote attackers to inject arbitrary web script or HTML via the page parameter in (1) toprated.php and (2) newcards.php. NOTE: the card_id vector is already covered by CVE-2006-1230.

Affected products

Belchior Foundry/Vcard
cpe:2.3:a:belchior_foundry:vcard:2.9:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securitytracker.com/idnvdExploit
secunia.com/advisories/19216nvd
securityreason.com/securityalert/1034nvd
securityreason.com/securityalert/571nvd
www.securityfocus.com/archive/1/435310/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/26838nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000