Vulnerabilities > CVE-2006-5057 - Cross-Site Scripting vulnerability in Photostore

047910
CVSS 5.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
high complexity
ktools-net
exploit available

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Ktools.net PhotoStore allow remote attackers to inject arbitrary web script or HTML via the (1) gid parameter in details.php, or the (2) photogid parameter in view_photog.php.

Vulnerable Configurations

Part Description Count
Application
Ktools.Net
1

Exploit-Db

  • descriptionPhotoStore details.php gid Parameter XSS. CVE-2006-5057. Webapps exploit for php platform
    idEDB-ID:28662
    last seen2016-02-03
    modified2006-09-25
    published2006-09-25
    reportermeto5757
    sourcehttps://www.exploit-db.com/download/28662/
    titlePhotoStore details.php gid Parameter XSS
  • descriptionPhotoStore view_photog.php photogid Parameter XSS. CVE-2006-5057 . Webapps exploit for php platform
    idEDB-ID:28663
    last seen2016-02-03
    modified2006-09-25
    published2006-09-25
    reportermeto5757
    sourcehttps://www.exploit-db.com/download/28663/
    titlePhotoStore view_photog.php photogid Parameter XSS