Vulnerabilities > CVE-2006-6936 - Input Validation vulnerability in Pensacola web Designs Xtremeasp Photogallery 2.0

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
pensacola-web-designs
exploit available
NVD
Published: 2007-01-17
Updated: 2018-10-16

Summary

Cross-site scripting (XSS) vulnerability in Xtreme ASP Photo Gallery allows remote attackers to inject arbitrary HTML or web script via (1) the catname parameter to displaypic.asp or (2) the search field. NOTE: vector 1 likely overlaps CVE-2006-3032.

Vulnerable Configurations

Part Description Count
Application
Pensacola_Web_Designs
1

Exploit-Db

descriptionXtreme ASP Photo Gallery 2.0 displaypic.asp catname Parameter XSS. CVE-2006-6936. Webapps exploit for asp platform
idEDB-ID:29064
last seen2016-02-03
modified2006-11-16
published2006-11-16
reporterAria-Security Team
sourcehttps://www.exploit-db.com/download/29064/
titleXtreme ASP Photo Gallery 2.0 displaypic.asp catname Parameter XSS

References