Cross-site scripting (XSS) vulnerability in index.php in Greg Neustaetter gCards 1.45 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the lang[*][file] parameter, which is injected into an error message. NOTE: this issue might be resultant from CVE-2006-1346.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
greg neustaetter gcards |
||
greg neustaetter gcards 1.43 |
||
greg neustaetter gcards 1.44 |