CVE-2007-6309
The CVE-2007-6309 entry describes multiple cross-site scripting (XSS) vulnerabilities in webSPELL 4.1.2, specifically in index.php. The issues allow remote attackers to inject arbitrary script/HTML via parameters in two actions: (1) galleryID in a usergallery upload action, and (2) upID, tag, mon...