Unrated severityNVD Advisory· Published Oct 3, 2006· Updated Jun 16, 2026
CVE-2006-5127
CVE-2006-5127
Description
Multiple cross-site scripting (XSS) vulnerabilities in Bartels Schoene ConPresso before 4.0.5a allow remote attackers to inject arbitrary web script or HTML via (1) the nr parameter in detail.php, (2) the msg parameter in db_mysql.inc.php, and (3) the pos parameter in index.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <4.0.5a
Patches
Vulnerability mechanics
References
8- download.compresso.de/compresso-4.0.5a.zipnvdPatch
- www.majorsecurity.de/index_2.phpnvdExploit
- www.securityfocus.com/bid/20273nvdExploitPatch
- secunia.com/advisories/22145nvd
- securityreason.com/securityalert/1671nvd
- www.securityfocus.com/archive/1/447358/100/0/threadednvd
- www.vupen.com/english/advisories/2006/3868nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/29272nvd
News mentions
0No linked articles in our index yet.