Vulnerabilities > CVE-2006-3265 - Cross-Site Scripting vulnerability in Qdig
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Qdig before 1.2.9.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) pre_gallery or (2) post_gallery parameters.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 13 |