3 matches found
CVE-2006-2955
Multiple cross-site scripting XSS vulnerabilities in KAPhotoservice 7.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 New Category newcategory or 2 apage parameter to a edtalbum.asp, or the 3 cat or 4 albumid parameter to b album.asp...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in KAPhotoservice 7.5 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 New Category newcategory or 2 apage parameter to a edtalbum.asp, or the 3 cat or 4 albumid parameter to b album.asp...
KAPhotoservice 7.5 - edtalbum.asp Multiple Cross-Site Scripting Vulnerabilities
KAPhotoservice 7.5 - edtalbum.asp Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/18379/info KAPhotoservice is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these...