Multiple cross-site scripting (XSS) vulnerabilities in main.php in phpAlbum 0.4.1.16 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) var1 and (2) keyword parameters.
CPE | Name | Operator | Version |
---|---|---|---|
phpalbum | eq | 0.3.1 fix2 | |
phpalbum | eq | 0.4.1-14 fix3 | |
phpalbum | eq | 0.4.1-14 fix5 | |
phpalbum | eq | 0.3.0 | |
phpalbum | eq | 0.4.1.14 | |
phpalbum | eq | 0.4.1-14 fix2 | |
phpalbum | eq | 0.4.1.15 | |
phpalbum | eq | 0.4.1-14 | |
phpalbum | eq | 0.2.2 | |
phpalbum | eq | 0.3.1 |