Unrated severityNVD Advisory· Published Jul 11, 2006· Updated Apr 16, 2026

CVE-2006-3514

Description

Multiple cross-site scripting (XSS) vulnerabilities in admin/actions.php in PHP-Blogger 2.2.5, and possibly earlier versions, allow remote attackers to execute arbitrary web script or HTML via the (1) name, (2) title, (3) news, (4) description, and (5) sitename parameters.

Affected products

Phpblogger/PHP Blogger
cpe:2.3:a:phpblogger:php-blogger:2.2.5:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/20989nvd
securityreason.com/securityalert/1202nvd
www.securityfocus.com/archive/1/439440/100/0/threadednvd
www.securityfocus.com/bid/18909nvd
www.vupen.com/english/advisories/2006/2710nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27630nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000