Lucene search
HistoryApr 10, 2006 - 7:02 p.m.
CVE-2006-1675
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.008
Percentile
81.8%
Multiple cross-site scripting (XSS) vulnerabilities in PHPWebGallery 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) num, and (3) search parameters to (a) category.php, and the (4) slideshow, (5) show_metadata, and (6) start parameters to (b) picture.php, a different vulnerability than CVE-2006-1674.
Affected configurations
Node
phpwebgalleryphpwebgalleryMatch1.4.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpwebgallery | phpwebgallery | 1.4.1 | cpe:2.3:a:phpwebgallery:phpwebgallery:1.4.1:*:*:*:*:*:*:* |
Related
cvelist
cvelist
prion
prion
Cross site scripting
2006-04-10 19:02:00
Cross site scripting
2006-04-10 19:02:00
Cross site scripting
2007-02-26 17:28:00
nvd
nvd
CVE-2006-1674
2006-04-10 19:02:00
CVE-2007-1109
2007-02-26 17:28:00
cve
cve
exploitdb
exploitdb
PHPWebGallery 1.4.1 - 'picture.php' Cross-Site Scripting
2006-04-10 00:00:00
PHPWebGallery 1.4.1 - 'category.php' Cross-Site Scripting
2006-04-10 00:00:00
CVSS2
2.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
AI Score
5.6
Confidence
High
EPSS
0.008
Percentile
81.8%
Related for NVD:CVE-2006-1675