Published: 10/04/2006 Updated: 18/10/2018

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

VMScore: 270

Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in PHPWebGallery 1.4.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) cat, (2) num, and (3) search parameters to (a) category.php, and the (4) slideshow, (5) show_metadata, and (6) start parameters to (b) picture.php, a different vulnerability than CVE-2006-1674.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phpwebgallery phpwebgallery 1.4.1

source: wwwsecurityfocuscom/bid/17421/info PHPWebGallery is prone to multiple cross-site scripting vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the cont ...

source: wwwsecurityfocuscom/bid/17421/info PHPWebGallery is prone to multiple cross-site scripting vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the co ...

NVD-CWE-Other http://www.securityfocus.com/bid/17421 http://secunia.com/advisories/19610 http://www.vupen.com/english/advisories/2006/1301 https://exchange.xforce.ibmcloud.com/vulnerabilities/25733 http://www.securityfocus.com/archive/1/430481/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/27587/

CVE-2006-1675

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect