Vulnerabilities > CVE-2006-3026 - Cross-Site Scripting vulnerability in ClickGallery
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
clicktech
Summary
Multiple cross-site scripting (XSS) vulnerabilities in ClickGallery 5.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) gallery_id parameter in gallery.asp and (2) parentcurrentpage parameter in view_gallery.asp.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |