Unrated severityNVD Advisory· Published Jun 29, 2006· Updated Apr 16, 2026
CVE-2006-3306
CVE-2006-3306
Description
Cross-site scripting (XSS) vulnerability in the preparestring function in lib/common.php in Project EROS bbsengine before 20060501-0142-jam, and possibly earlier versions dating back to 2006-02-23, might allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
Affected products
2cpe:2.3:a:zoid_technologies:project_eros_bbsengine:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:zoid_technologies:project_eros_bbsengine:*:*:*:*:*:*:*:*range: <=2006-04-29
- cpe:2.3:a:zoid_technologies:project_eros_bbsengine:2006-02-23:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5News mentions
0No linked articles in our index yet.