Published: 02/05/2005 Updated: 18/10/2016

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 445

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 5.x allow remote malicious users to inject arbitrary web script or HTML via the (1) cat, (2) password, (3) ppuser, (4) sort, or (5) si parameters to showgallery.php, the (6) ppuser, (7) sort, or (8) si parameters to showmembers.php, or (9) the photo parameter to slideshow.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
photopost photopost php pro 5.02

source: wwwsecurityfocuscom/bid/12920/info Multiple input validation vulnerabilities reportedly affect PhotoPost Pro These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical actions The first set of issues are cross-site scripting vulnerabilities that affect ...

source: wwwsecurityfocuscom/bid/12920/info Multiple input validation vulnerabilities reportedly affect PhotoPost Pro These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical actions The first set of issues are cross-site scripting vulnerabilities that affe ...

source: wwwsecurityfocuscom/bid/12920/info Multiple input validation vulnerabilities reportedly affect PhotoPost Pro These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical actions The first set of issues are cross-site scripting vulnerabilities that affect t ...

NVD-CWE-Other http://securitytracker.com/id?1013581 http://secunia.com/advisories/14742 http://www.osvdb.org/15096 http://www.osvdb.org/15097 http://www.osvdb.org/15098 http://marc.info/?l=bugtraq&m=111205342909640&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/25309/

CVE-2005-0928

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect