CVE-2006-3006
The CVE-2006-3006 entry describes a Cross-site scripting (XSS) vulnerability in iFoto 0.20 and possibly earlier versions before 0.50, exploitable via a base64-encoded file parameter that allows remote injection of HTML or web script. Affected component is the web application’s handling of the bas...