Vulnerabilities > CVE-2006-2294 - Input Validation vulnerability in Timobraun Dynamic Galerie 1.0
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Cross-site scripting (XSS) vulnerability in Dynamic Galerie 1.0 allows remote attackers to inject arbitrary web script or HTML via the pfad parameter in (1) index.php and (2) galerie.php. NOTE: this issue might be resultant from directory traversal.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description timobraun Dynamic Galerie 1.0 index.php pfad Parameter XSS. CVE-2006-2294. Webapps exploit for php platform id EDB-ID:27840 last seen 2016-02-03 modified 2006-05-08 published 2006-05-08 reporter d4igoro source https://www.exploit-db.com/download/27840/ title timobraun Dynamic Galerie 1.0 index.php pfad Parameter XSS description timobraun Dynamic Galerie 1.0 galerie.php id Parameter XSS. CVE-2006-2294 . Webapps exploit for php platform id EDB-ID:27841 last seen 2016-02-03 modified 2006-05-08 published 2006-05-08 reporter d4igoro source https://www.exploit-db.com/download/27841/ title timobraun Dynamic Galerie 1.0 galerie.php id Parameter XSS