Vulnerabilities > CVE-2006-2955 - Unspecified vulnerability in Kaphotoservice

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
kaphotoservice
exploit available
NVD
Published: 2006-06-12
Updated: 2024-11-21

Summary

Multiple cross-site scripting (XSS) vulnerabilities in KAPhotoservice 7.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) New Category (newcategory) or (2) apage parameter to (a) edtalbum.asp, or the (3) cat or (4) albumid parameter to (b) album.asp.

Vulnerable Configurations

Part Description Count
Application
Kaphotoservice
1

Exploit-Db

  • descriptionKAPhotoservice 7.5 album.asp cat Parameter XSS. CVE-2006-2955 . Webapps exploit for asp platform
    idEDB-ID:28002
    last seen2016-02-03
    modified2006-06-09
    published2006-06-09
    reporterr0t
    sourcehttps://www.exploit-db.com/download/28002/
    titleKAPhotoservice 7.5 album.asp cat Parameter XSS
  • descriptionKAPhotoservice 7.5 edtalbum.asp Multiple Parameter XSS. CVE-2006-2955. Webapps exploit for asp platform
    idEDB-ID:28004
    last seen2016-02-03
    modified2006-06-09
    published2006-06-09
    reporterr0t
    sourcehttps://www.exploit-db.com/download/28004/
    titleKAPhotoservice 7.5 edtalbum.asp Multiple Parameter XSS
  • descriptionKAPhotoservice 7.5 albums.asp albumid Parameter XSS. CVE-2006-2955 . Webapps exploit for asp platform
    idEDB-ID:28003
    last seen2016-02-03
    modified2006-06-09
    published2006-06-09
    reporterr0t
    sourcehttps://www.exploit-db.com/download/28003/
    titleKAPhotoservice 7.5 albums.asp albumid Parameter XSS

References