Unrated severityNVD Advisory· Published Jun 13, 2006· Updated Jun 16, 2026
CVE-2006-2991
CVE-2006-2991
Description
Multiple cross-site scripting (XSS) vulnerabilities in Ringlink 3.2 allow remote attackers to inject arbitrary web script or HTML via a JavaScript URI in the SRC attribute of an IMG element, and possibly other manipulations, in the ringid parameter in (1) next.cgi, (2) stats.cgi, or (3) list.cgi.
Affected products
2Patches
Vulnerability mechanics
References
9- secunia.com/advisories/20590nvdVendor Advisory
- securityreason.com/securityalert/1082nvd
- www.osvdb.org/26318nvd
- www.osvdb.org/26319nvd
- www.osvdb.org/26320nvd
- www.securityfocus.com/archive/1/436690/100/0/threadednvd
- www.securityfocus.com/bid/18360nvd
- www.vupen.com/english/advisories/2006/2281nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/27053nvd
News mentions
0No linked articles in our index yet.