2 matches found
CVE-2006-2397
CVE-2006-2397 affects GPhotos 1.5 and earlier, with XSS vulnerabilities that allow remote attackers to inject arbitrary scripts or HTML via the rep parameter to index.php or diapo.php, or via the image parameter to affich.php. A note suggests item 1a could arise from directory traversal. The conn...
CVE-2006-2397
Multiple cross-site scripting XSS vulnerabilities in GPhotos 1.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 rep parameter to a index.php or b diapo.php or 2 image parameter to c affich.php. NOTE: item 1a might be resultant from directory traversal...