Vulnerabilities > JAN Chmelik
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-06-01 | CVE-2006-2729 | Cross-Site Scripting vulnerability in JAN Chmelik Photoalbum Bandw 1.3 Cross-site scripting (XSS) vulnerability in superalbum/index.php in Photoalbum B&W 1.3 allows remote attackers to inject arbitrary web script or HTML via the gal parameter. | 2.6 |
2006-06-01 | CVE-2006-2728 | Cross-Site Scripting vulnerability in JAN Chmelik Photoalbum Bandw 1.3 Cross-site scripting (XSS) vulnerability in superalbum/index.php in Photoalbum B&W 1.3 allows remote attackers to inject arbitrary web script or HTML via the pic parameter. | 2.6 |