Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2006-1760

Published: 13/04/2006 Updated: 20/07/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 450
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Jetphotosoft.com

Vulnerability Summary

Multiple cross-site scripting (XSS) vulnerabilities in JetPhoto allow remote malicious users to inject arbitrary web script or HTML via the page parameter in (1) Classic.view/thumbnail.php, (2) Classic.view/gallery.php, (3) Classic.view/detail.php, or (4) Orange.view/detail.php; or (5) the name parameter in Orange.view/slideshow.php.

Vulnerable Product Search on Vulmon Subscribe to Product

jetphotosoft.com jetphoto 1.0

jetphotosoft.com jetphoto 2.0

jetphotosoft.com jetphoto 2.1

Exploits

Exploit DB: JetPhoto 1.0/2.0/2.1 - 'thumbnail.php?page' Cross-Site Scripting
source: wwwsecurityfocuscom/bid/17449/info JetPhoto is prone to multiple cross-site scripting vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context o ...
Exploit DB: JetPhoto 1.0/2.0/2.1 - 'gallery.php?page' Cross-Site Scripting
source: wwwsecurityfocuscom/bid/17449/info JetPhoto is prone to multiple cross-site scripting vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context ...
Exploit DB: JetPhoto 1.0/2.0/2.1 - 'detail.php?page' Cross-Site Scripting
source: wwwsecurityfocuscom/bid/17449/info JetPhoto is prone to multiple cross-site scripting vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the con ...
Exploit DB: JetPhoto 1.0/2.0/2.1 - 'Slideshow.php?name' Cross-Site Scripting
source: wwwsecurityfocuscom/bid/17449/info JetPhoto is prone to multiple cross-site scripting vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the conte ...

References

CWE-79http://www.securityfocus.com/bid/17449http://secunia.com/advisories/19603http://www.osvdb.org/24491http://www.osvdb.org/24492http://www.osvdb.org/24494http://www.osvdb.org/24493http://www.vupen.com/english/advisories/2006/1300http://marc.info/?l=full-disclosure&m=114472089719033&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/25745https://nvd.nist.govhttps://www.exploit-db.com/exploits/27616/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereferenceCVE-2023-52689CVE-2024-23803client sideCVE-2023-52696information disclosureCVE-2024-35843CVE-2024-27130CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook