Unrated severityNVD Advisory· Published Jul 24, 2006· Updated Apr 16, 2026

CVE-2006-3769

Description

Multiple cross-site scripting (XSS) vulnerabilities in Top XL 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) pass and (2) pass2 parameters in (a) add.php or the (3) id parameter in (b) members/index.php.

Affected products

Top Xl/Top Xl2 versions
cpe:2.3:a:top_xl:top_xl:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:top_xl:top_xl:*:*:*:*:*:*:*:*range: <=1.1
- cpe:2.3:a:top_xl:top_xl:1.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.majorsecurity.de/advisory/major_rls22.txtnvdExploitVendor Advisory
www.securityfocus.com/bid/19098nvdExploit
secunia.com/advisories/21145nvdVendor Advisory
securityreason.com/securityalert/1267nvd
securitytracker.com/idnvd
www.osvdb.org/27413nvd
www.osvdb.org/27414nvd
www.securityfocus.com/archive/1/440652/100/0/threadednvd
www.securityfocus.com/archive/1/440889/100/100/threadednvd
www.vupen.com/english/advisories/2006/2914nvd
exchange.xforce.ibmcloud.com/vulnerabilities/27880nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000