Vulnerabilities > CVE-2006-1675 - Unspecified vulnerability in PHPwebgallery 1.4.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN phpwebgallery
exploit available
Summary
Multiple cross-site scripting (XSS) vulnerabilities in PHPWebGallery 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) num, and (3) search parameters to (a) category.php, and the (4) slideshow, (5) show_metadata, and (6) start parameters to (b) picture.php, a different vulnerability than CVE-2006-1674.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
description PhpWebGallery 1.4.1 category.php Multiple Parameter XSS. CVE-2006-1675. Webapps exploit for php platform id EDB-ID:27587 last seen 2016-02-03 modified 2006-04-10 published 2006-04-10 reporter Psych0 source https://www.exploit-db.com/download/27587/ title PhpWebGallery 1.4.1 category.php Multiple Parameter XSS description PhpWebGallery 1.4.1 picture.php Multiple Parameter XSS. CVE-2006-1675. Webapps exploit for php platform id EDB-ID:27588 last seen 2016-02-03 modified 2006-04-10 published 2006-04-10 reporter Psych0 source https://www.exploit-db.com/download/27588/ title PhpWebGallery 1.4.1 picture.php Multiple Parameter XSS
References
- http://secunia.com/advisories/19610
- http://secunia.com/advisories/19610
- http://www.securityfocus.com/archive/1/430481/100/0/threaded
- http://www.securityfocus.com/archive/1/430481/100/0/threaded
- http://www.securityfocus.com/bid/17421
- http://www.securityfocus.com/bid/17421
- http://www.vupen.com/english/advisories/2006/1301
- http://www.vupen.com/english/advisories/2006/1301
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25733
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25733