EUVD-2004-2238

Malware in sbrugna...

EUVD-2004-2237

Malware in sbrugna...

CVE-2004-2246

Cross-site scripting XSS vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or web script via the conversationid parameter to viewpic.php...

Goolery 0.3 viewpic.php conversation_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/11587/info It is reported that Goollery is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These problems presen...

Goollery Multiple XSS

Goollery, a GMail based photo gallery written in PHP, is installed on this remote host. According to it's version number, this host is vulnerable to multiple cross-site-scripting XSS attacks; eg, through the 'viewpic.php' script. An attacker, exploiting these flaws, would need to be able to coerc...

Goollery < 0.04b Multiple XSS Vulnerabilities - Active Check

Goollery is prone to multiple cross-site-scripting XSS vulnerabilities eg. through the SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2004-2245

Cross-site scripting XSS vulnerability in Goollery 0.03 allows remote attackers to inject arbitrary HTML or web script via the 1 page parameter to viewalbum.php or 2 btopage parameter to viewpic.php...

CVE-2004-2245

Goollery is affected by multiple XSS in viewalbum.php (via the page parameter) and viewpic.php (via the btopage parameter). The CVE entry documents a reflected XSS vulnerability in Goollery 0.03 that allows remote attackers to inject arbitrary HTML/JS in a user’s browser. OpenVAS/Nessus entries c...

CVE-2004-2246

CVE-2004-2246 involves a cross-site scripting (XSS) vulnerability in Goollery prior to 0.04b. The issue is exploitable via the conversation_id parameter to viewpic.php, allowing remote attackers to inject arbitrary HTML or script into a user’s browser session. The available connected sources conf...

CVE-2004-2246

Cross-site scripting XSS vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or web script via the conversationid parameter to viewpic.php...

CVE-2004-2245

Cross-site scripting XSS vulnerability in Goollery 0.03 allows remote attackers to inject arbitrary HTML or web script via the 1 page parameter to viewalbum.php or 2 btopage parameter to viewpic.php...

CVE-2004-2246

Cross-site scripting XSS vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or web script via the conversationid parameter to viewpic.php...

Goollery < 0.04b Multiple Vulnerabilities

According to its self-reported version number, the instance of Goollery running on the remote host is affected by multiple cross-site scripting XSS vulnerabilities in the viewpic.php script. An unauthenticated, remote attacker can exploit these vulnerabilities, via a specially crafted request, to...

Goolery 0.3 - &#039;viewalbum.php?page&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/11587/info It is reported that Goollery is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These problems present themselves when malicious HTML a...

Goolery 0.3 - viewalbum.php?page Cross-Site Scripting

Goolery 0.3 - viewalbum.php?page Cross-Site Scripting source: https://www.securityfocus.com/bid/11587/info It is reported that Goollery is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input...

Goolery 0.3 - &#039;viewpic.php?conversation_id&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/11587/info It is reported that Goollery is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. These problems present themselves when malicious HTML a...