Unrated severityNVD Advisory· Published Jan 17, 2007· Updated Apr 23, 2026

CVE-2006-6936

Description

Cross-site scripting (XSS) vulnerability in Xtreme ASP Photo Gallery allows remote attackers to inject arbitrary HTML or web script via (1) the catname parameter to displaypic.asp or (2) the search field. NOTE: vector 1 likely overlaps CVE-2006-3032.

Affected products

Pensacola Web Designs/Xtremeasp Photogallery
cpe:2.3:a:pensacola_web_designs:xtremeasp_photogallery:2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/21138nvdExploit
securityreason.com/securityalert/2148nvd
www.securityfocus.com/archive/1/451786/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/30327nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000