Unrated severityNVD Advisory· Published Nov 28, 2006· Updated Apr 23, 2026

CVE-2006-6153

Description

Multiple cross-site scripting (XSS) vulnerabilities in vSpin.net Classified System 2004 allow remote attackers to inject arbitrary web script or HTML via (1) catname parameter to cat.asp or the (2) minprice parameter to search.asp.

Affected products

Vspin.net/Classified System
cpe:2.3:a:vspin.net:classified_system:2004:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/21190nvdExploit
secunia.com/advisories/22987nvdVendor Advisory
s-a-p.ca/index.phpnvdURL Repurposed
securityreason.com/securityalert/1926nvd
securitytracker.com/idnvd
www.securityfocus.com/archive/1/452179/100/100/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/30446nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000