Unrated severityNVD Advisory· Published Jan 13, 2007· Updated Apr 23, 2026

CVE-2006-6928

Description

Multiple cross-site scripting (XSS) vulnerabilities in Rialto 1.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to (a) listmain.asp or (b) searchmain.asp, the (2) the Keyword parameter to (c) searchkey.asp, or the (3) refno parameter to (d) forminfo.asp.

Affected products

Grandora/Rialto
cpe:2.3:a:grandora:rialto:1.6:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/21191nvdExploitVendor Advisory
secunia.com/advisories/23049nvdVendor Advisory
securityreason.com/securityalert/2143nvd
www.securityfocus.com/archive/1/452112/100/0/threadednvd
www.vupen.com/english/advisories/2006/4630nvd
exchange.xforce.ibmcloud.com/vulnerabilities/30425nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000