Description

Multiple cross-site scripting (XSS) vulnerabilities in zenphoto 1.0.1 beta and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) a parameter in i.php, and the (2) album and (3) image parameters in index.php.

Remediation

References

CVE-2006-2187

Related Vulnerabilities

Atlassian Confluence CVE-2023-22505 Vulnerability (CVE-2023-22505)

WordPress Plugin AdRotate-Ad manager & AdSense Ads SQL Injection (5.8.3.1)

Oracle HTTP Server Other Vulnerability (CVE-1999-1125)

WordPress Plugin Custom Permalinks Unspecified Vulnerability (0.7.15)

Atlassian Jira CVE-2018-5231 Vulnerability (CVE-2018-5231)

Severity

Medium

Classification

CVE-2006-2187

Tags

Missing Update Known Vulnerabilities