CVE-2006-2001 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-2001
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-2001

Description: Cross-site scripting (XSS) vulnerability in index.php in Scry Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the p parameter. NOTE: this is a different vulnerability than the directory traversal vector.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/26101 VIM http://attrition.org/pipermail/vim/2006-April/000716.html SREASON http://securityreason.com/securityalert/783 SAID Secunia Advisory: SA19777 OSVDB 24891 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/431853/100/0/threaded BID 17668

Return to the previous page.