2 matches found
CVE-2006-4259
Cross-site scripting XSS vulnerability in index.php in Fotopholder 1.8 allows remote attackers to inject arbitrary web script or HTML via the path parameter. NOTE: this might be resultant from a directory traversal vulnerability...
CVE-2006-4259
Fotopholder 1.8 contains a cross-site scripting (XSS) flaw in index.php that allows an attacker to inject arbitrary script or HTML via the path parameter. The vulnerability is noted as potentially stemming from a directory traversal issue. Affected software: Fotopholder 1.8 (index.php). Consequen...