VYPR
Unrated severityNVD Advisory· Published Jun 7, 2006· Updated Jun 16, 2026

CVE-2006-2891

CVE-2006-2891

Description

Cross-site scripting (XSS) vulnerability in admin/index.php for Pixelpost 1-5rc1-2 and earlier allows remote attackers to inject arbitrary HTML or web script via the loginmessage parameter.

Affected products

2
  • cpe:2.3:a:pixelpost:pixelpost:1.5_rc1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:pixelpost:pixelpost:1.5_rc1:*:*:*:*:*:*:*
    • (no CPE)range: <= 1-5rc1-2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.