Published: 14/12/2006 Updated: 17/10/2018

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 695

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Multiple cross-site scripting (XSS) vulnerabilities in KDPics 1.16 and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) categories parameter to (a) index.php3 or (b) galeries.inc.php3.

Vulnerable Product	Search on Vulmon	Subscribe to Product
kdpics kdpics

source: wwwsecurityfocuscom/bid/21515/info KDPics is prone to multiple input-validation vulnerabilities, including cross-site scripting and remote file-include issues, because the application fails to sanitize user-supplied input A successful exploit may allow unauthorized users to view files, to execute arbitrary scripts within the c ...

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- KDPics <= Remote File Include Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Discovered by AsTrex "Rif Hackers Team" -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ...

source: wwwsecurityfocuscom/bid/21515/info KDPics is prone to multiple input-validation vulnerabilities, including cross-site scripting and remote file-include issues, because the application fails to sanitize user-supplied input A successful exploit may allow unauthorized users to view files, to execute arbitrary scripts within the con ...

NVD-CWE-Other http://www.securityfocus.com/bid/21515 http://secunia.com/advisories/23313 http://www.vupen.com/english/advisories/2006/4930 http://www.securityfocus.com/archive/1/453962/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/29255/

CVE-2006-6517

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect