Unrated severityNVD Advisory· Published Oct 3, 2006· Updated Apr 23, 2026

CVE-2006-5106

Description

Cross-site scripting (XSS) vulnerability in FacileForms before 1.4.7 for Mambo and Joomla!, when either register_globals or RG_EMULATION is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected products

Facileforms/Facileforms16 versions
cpe:2.3:a:facileforms:facileforms:1.2:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:facileforms:facileforms:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:facileforms:facileforms:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:facileforms:facileforms:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:facileforms:facileforms:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:facileforms:facileforms:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:facileforms:facileforms:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:facileforms:facileforms:1.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:facileforms:facileforms:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:facileforms:facileforms:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:facileforms:facileforms:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:facileforms:facileforms:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:facileforms:facileforms:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:facileforms:facileforms:1.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:facileforms:facileforms:1.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:facileforms:facileforms:1.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:facileforms:facileforms:1.4.6g:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.facileforms.biz/content/view/108/140/nvdPatch
www.securityfocus.com/bid/20254nvdPatch
secunia.com/advisories/22125nvdVendor Advisory
www.osvdb.org/29237nvd
www.vupen.com/english/advisories/2006/3817nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000