|
|
CVE Reference: CVE-2006-2397 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-2397 |
|
|
Description: Multiple cross-site scripting (XSS) vulnerabilities in GPhotos 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) rep parameter to (a) index.php or (b) diapo.php or (2) image parameter to (c) affich.php. NOTE: item 1a might be resultant from directory traversal. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/26426 SREASON http://securityreason.com/securityalert/906 SAID Secunia Advisory: SA20095 OSVDB 25499 25498 25497 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/433936/100/0/threaded BID 17967 |
|
| Return to the previous page. |
