CVE-2006-3377

N/A Unknown
Published: July 06, 2006 Modified: April 16, 2026
View on NVD

Description

Cross-site scripting (XSS) vulnerability in JMB Software AutoRank PHP 3.02 and earlier, and AutoRank Pro 5.01 and earlier, allows remote attackers to inject arbitrary web script or HTML via the (1) Keyword parameter in search.php and the (2) Username parameter in main.cgi.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://secunia.com/advisories/20903
Source: cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/20929
Source: cve@mitre.org
http://securitytracker.com/id?1016428
Source: cve@mitre.org
http://securitytracker.com/id?1016429
Source: cve@mitre.org
http://www.majorsecurity.de/advisory/major_rls19.txt
Source: cve@mitre.org
http://www.securityfocus.com/archive/1/438941/100/0/threaded
Source: cve@mitre.org
http://www.securityfocus.com/bid/18796
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2006/2658
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2006/2659
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/27552
Source: cve@mitre.org
http://secunia.com/advisories/20903
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/20929
Source: af854a3a-2127-422b-91ae-364da2661108
http://securitytracker.com/id?1016428
Source: af854a3a-2127-422b-91ae-364da2661108
http://securitytracker.com/id?1016429
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.majorsecurity.de/advisory/major_rls19.txt
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/438941/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/18796
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2006/2658
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2006/2659
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/27552
Source: af854a3a-2127-422b-91ae-364da2661108

20 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
1.0%
77th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

jmb_software