Vulnerabilities > CVE-2006-3563 - Cross-Site Scripting vulnerability in Winged Gallery Winged Gallery 1.0

047910
CVSS 2.6 - LOW
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
high complexity
winged-gallery
exploit available
NVD
Published: 2006-07-13
Updated: 2018-10-18

Summary

Cross-site scripting (XSS) vulnerability in gallery/thumb.php in Winged Gallery 1.0 allows remote attackers to inject arbitrary web script or HTML via the image parameter.

Vulnerable Configurations

Part Description Count
Application
Winged_Gallery
1

Exploit-Db

descriptionWinged Gallery 1.0 Thumb.PHP Cross-Site Scripting Vulnerability. CVE-2006-3563. Webapps exploit for php platform
idEDB-ID:28102
last seen2016-02-03
modified2006-06-24
published2006-06-24
reporterLuny
sourcehttps://www.exploit-db.com/download/28102/
titleWinged Gallery 1.0 Thumb.PHP Cross-Site Scripting Vulnerability

References