Published: 26/04/2006 Updated: 18/10/2018

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

VMScore: 590

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Cross-site scripting (XSS) vulnerability in Verosky Media Instant Photo Gallery allows remote malicious users to inject arbitrary web script or HTML via the member parameter in a viewpro action in member.php. NOTE: the original report may be inaccurate, since the "viewpro" string does not appear in the source code for version 1.0.2 of the product.

Vulnerable Product	Search on Vulmon	Subscribe to Product
verosky media instant photo gallery 1.0

source: wwwsecurityfocuscom/bid/17696/info Instant Photo Gallery is prone to multiple cross-site scripting vulnerabilities These issues are due to the application's failure to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the ...

source: wwwsecurityfocuscom/bid/17696/info Instant Photo Gallery is prone to multiple cross-site scripting vulnerabilities These issues are due to the application's failure to properly sanitize user-supplied input An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in ...

NVD-CWE-Other http://www.securityfocus.com/bid/17696 http://www.osvdb.org/24984 http://securityreason.com/securityalert/790 http://www.securityfocus.com/archive/1/432241/100/0/threaded http://www.securityfocus.com/archive/1/432022/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/27737/

CVE-2006-2052

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect