{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T05:14:18.969","vulnerabilities":[{"cve":{"id":"CVE-2006-0650","sourceIdentifier":"cve@mitre.org","published":"2006-02-13T11:06:00.000","lastModified":"2026-04-16T00:27:16.627","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in cpaint2.inc.php in the CPAINT library before 2.0.3, as used in multiple scripts, allows remote attackers to inject arbitrary web script or HTML via the cpaint_response_type parameter, which is displayed in a resulting error message, as demonstrated using a hex-encoded IFRAME tag."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cpaint:cpaint:1.0:*:*:*:*:*:*:*","matchCriteriaId":"E2AAE9DB-2CBA-4F2D-AEB5-052137E1ED7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpaint:cpaint:1.01:*:*:*:*:*:*:*","matchCriteriaId":"2A93AB53-43AC-4694-AEFE-A3FF7551FEC4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpaint:cpaint:1.2:*:*:*:*:*:*:*","matchCriteriaId":"C39CEF80-EAF6-49D3-9A61-2A986B9A3683"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpaint:cpaint:1.3:*:*:*:*:*:*:*","matchCriteriaId":"ED126FD2-0BE5-4F49-BDFC-7D9D31E9A0EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpaint:cpaint:1.3_sp:*:*:*:*:*:*:*","matchCriteriaId":"F4BE17ED-6A16-4199-B0C7-0386C7918760"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpaint:cpaint:1.3_sp1:*:*:*:*:*:*:*","matchCriteriaId":"43FCC607-60D7-41E4-9CA9-DB6B5FFE342F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpaint:cpaint:2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"94B9AA74-E90F-4DC0-94BB-50EE6F66008C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpaint:cpaint:2.0.1:*:*:*:*:*:*:*","matchCriteriaId":"FAF51E3F-0D03-4D04-B31D-78E628CC9F1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpaint:cpaint:2.0.2:*:*:*:*:*:*:*","matchCriteriaId":"EB028DBD-5086-4448-855A-AE9B1C2D46BB"},{"vulnerable":true,"criteria":"cpe:2.3:a:cpaint:cpaint:pre1.0:*:*:*:*:*:*:*","matchCriteriaId":"79DADF62-8883-48D4-A0EC-CBC55F140E86"}]}]}],"references":[{"url":"http://cpaint.booleansystems.com/forums/viewtopic.php?t=98","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://secunia.com/advisories/18765","source":"cve@mitre.org","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"http://securitytracker.com/id?1015608","source":"cve@mitre.org"},{"url":"http://www.gulftech.org/?node=research&article_id=00097-02092006","source":"cve@mitre.org","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/archive/1/424663/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/16559","source":"cve@mitre.org"},{"url":"http://www.vupen.com/english/advisories/2006/0487","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/24594","source":"cve@mitre.org"},{"url":"http://cpaint.booleansystems.com/forums/viewtopic.php?t=98","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://secunia.com/advisories/18765","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"http://securitytracker.com/id?1015608","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.gulftech.org/?node=research&article_id=00097-02092006","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/archive/1/424663/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/16559","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.vupen.com/english/advisories/2006/0487","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/24594","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}