Vulnerabilities > Scry Gallery
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-04-25 | CVE-2006-2001 | Cross-Site Scripting vulnerability in Scry Gallery Scry Gallery 1.1 Cross-site scripting (XSS) vulnerability in index.php in Scry Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the p parameter. network scry-gallery | 4.3 |
2006-04-25 | CVE-2006-1996 | Cross-Site Scripting vulnerability in Scry Gallery Scry Gallery 1.1 Scry Gallery 1.1 allows remote attackers to obtain sensitive information via an invalid p parameter, which reveals the path in an error message. | 5.0 |
2006-04-25 | CVE-2006-1995 | Directory Traversal vulnerability in Scry Gallery Scry Gallery 1.1 Directory traversal vulnerability in index.php in Scry Gallery 1.1 allows remote attackers to read arbitrary files via ".." sequences in the p parameter, which is not properly sanitized due to an rtrim function call with the arguments in the wrong order. | 5.0 |