2 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in search.php in PHPWebGallery 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, a different vulnerability than CVE-2006-1675...
CVE-2006-1675
PHPWebGallery 1.4.1 contains cross-site scripting (XSS) vulnerabilities tracked as CVE-2006-1675. The flaws permit remote attackers to inject arbitrary web script or HTML by supplying crafted values for (1) cat, (2) num, and (3) search parameters to category.php, and (4) slideshow, (5) show_metad...