CyberSec.Space Logo
Back to CVE Browser

CVE-2006-2651

LOW
2.6
CVSS Severity Score
EPSS Score0.1780%
EPSS Percentile17.82th
PublishedMay 30, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

Cross-site scripting (XSS) vulnerability in index.php in Vacation Rental Script 1.0 allows remote attackers to inject arbitrary web script or HTML via the obj parameter.

Affected Platforms (CPE)

πŸ“¦
Vacation Rentals

Vacation Rental Script

= 1.0

References & Advisories

πŸ”— http://secunia.com/advisories/20324
πŸ”— http://securityreason.com/securityalert/982
πŸ”— http://www.securityfocus.com/archive/1/435167/100/0/threaded
πŸ”— http://www.securityfocus.com/archive/1/437938/100/200/threaded
πŸ”— http://www.securityfocus.com/bid/18134
πŸ”— http://www.vupen.com/english/advisories/2006/2015
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/26728
πŸ”— http://secunia.com/advisories/20324

Related Vulnerabilities

CVE-2008-36037.5

SQL injection vulnerability in index.php in Vacation Rental Script 3.0 allows remote attackers to execute arbitrary SQL commands v...

CVE-2012-43246.8

Cross-site request forgery (CSRF) vulnerability in PHPJabbers Vacation Rental Script allows remote attackers to hijack the authent...

CVE-2012-65874.3

Cross-site scripting (XSS) vulnerability in vacation/1_mobile/alert_members.php in MYRE Vacation Rental Software allows remote att...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...