|
|
Softbiz Photo Gallery Multiple Cross Site Scripting Vulnerabilities
To exploit these issues, an attacker must entice an unsuspecting victim into following a malicious URI. The following example URIs are available: http://www.example.com/index.php?latest=[XSS] http://www.example.com/index.php?msg=[XSS] http://www.example.com/images.php?latest=[XSS] http://www.example.com/images.php?msg=[XSS] http://www.example.com/suggest_image.php?latest=[XSS] http://www.example.com/suggest_image.php?msg=[XSS] http://www.example.com/image_desc.php?latest=[XSS] http://www.example.com/image_desc.php?msg=[XSS] http://www.example.com/admin/index.php?msg=[XSS] http://www.example.com/admin/adminhome.php?msg=[XSS] http://www.example.com/admin/config.php?msg=[XSS] http://www.example.com/admin/changepassword.php?msg=[XSS] http://www.example.com/admin/cleanup.php?msg=[XSS] http://www.example.com/admin/browsecats.php?msg=[XSS] http://www.example.com/admin/images.php?msg=[XSS] |
|
Privacy Statement |