Unrated severityNVD Advisory· Published Nov 3, 2006· Updated Apr 23, 2026

CVE-2006-5661

Description

Cross-site scripting (XSS) vulnerability in nquser.php in VIRtech Netquery allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header.

Affected products

Virtech/Netquery4 versions
cpe:2.3:a:virtech:netquery:e107_edition:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:virtech:netquery:e107_edition:*:*:*:*:*:*:*
- cpe:2.3:a:virtech:netquery:postnuke_edition:*:*:*:*:*:*:*
- cpe:2.3:a:virtech:netquery:xaraya_edition:*:*:*:*:*:*:*
- cpe:2.3:a:virtech:netquery:xoops_edition:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/20837nvdExploit
www.zion-security.com/text/XSS_Vulnerability_VIRtechs_Netquery.txtnvdExploit
lists.grok.org.uk/pipermail/full-disclosure/2006-October/050462.htmlnvd
secunia.com/advisories/22864nvd
securityreason.com/securityalert/1807nvd
securitytracker.com/idnvd
virtech.org/tools/nvd
www.securityfocus.com/archive/1/450270/100/0/threadednvd
www.securityfocus.com/archive/1/451350/100/100/threadednvd
www.vupen.com/english/advisories/2006/4512nvd
exchange.xforce.ibmcloud.com/vulnerabilities/29927nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.010
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000