Unrated severityNVD Advisory· Published Jun 27, 2006· Updated Jun 16, 2026

CVE-2006-3259

Description

Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the (1) ep parameter to search.php and the (2) subject parameter in comment.php (aka the Subject field when posting a comment).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

E107/E107llm-fuzzy
Range: =0.7.5

Patches

Vulnerability mechanics

References

secunia.com/advisories/20727nvdExploitVendor Advisory
www.securityfocus.com/bid/18560nvdExploit
securityreason.com/securityalert/1151nvd
www.securityfocus.com/archive/1/437649/100/0/threadednvd
www.securityfocus.com/bid/18508nvd
www.vupen.com/english/advisories/2006/2460nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27240nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27242nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000