VYPR
Unrated severityNVD Advisory· Published Dec 11, 2006· Updated Jun 16, 2026

CVE-2006-6459

CVE-2006-6459

Description

Cross-site scripting (XSS) vulnerability in toplist.php in PhpBB Toplist 1.3.7 allows remote attackers to inject arbitrary HTML or web script via the (1) Name and (2) Information fields when adding a new site (toplistnew action).

Affected products

2
  • PhpBB/Toplist2 versions
    cpe:2.3:a:phpbb:toplist:1.3.7:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:phpbb:toplist:1.3.7:*:*:*:*:*:*:*
    • (no CPE)range: 1.3.7

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.