CVE-2007-6135

2007-11-27T14:46:00
ID CVE-2007-6135
Type cve
Reporter NVD
Modified 2017-07-28T21:34:02

Description

Cross-site scripting (XSS) vulnerability in phpslideshow.php in PHPSlideShow 0.9.9.2, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the directory parameter. NOTE: this issue was originally reported for toonchapter8.php, but this is probably a site-specific name, since the PHPSlideShow distribution does not contain that file.