4 matches found
EUVD-2006-1352
Malware in sbrugna...
CVE-2006-1348
Cross-site scripting XSS vulnerability in index.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to inject arbitrary web script or HTML via the langfile parameter, which is injected into an error message. NOTE: this issue might be resultant from CVE-2006-1346...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Greg Neustaetter gCards 1.45 and earlier allows remote attackers to inject arbitrary web script or HTML via the langfile parameter, which is injected into an error message. NOTE: this issue might be resultant from CVE-2006-1346...
CVE-2006-1346
The CVE-2006-1346 issue affects gCards, a PHP-based greeting card system, specifically versions 1.45 and earlier. The vulnerability stems from improper sanitization of input to the setLang.php script (lang[*][file]), invoked by index.php, allowing directory traversal to include/execute local file...