2 matches found
CVE-2006-3265
CVE-2006-3265 : Multiple XSS flaws in Qdig’s index.php prior to 1.2.9.3 allow remote attackers to inject script/HTML via the pre_gallery or post_gallery parameters when register_globals is enabled. The affected product is Qdig; root cause is unsanitized input in index.php. Exploitation details ar...
CVE-2006-3265
Multiple cross-site scripting XSS vulnerabilities in index.php in Qdig before 1.2.9.3, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 pregallery or 2 postgallery parameters...