mcGallery 1.1 - resize.php lang Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

mcGallery 1.1 - index.php lang Parameter XSS

No description provided by source...

CVE-2008-6211

Multiple cross-site scripting XSS vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to 1 admin.php, 2 index.php, 3 sess.php, 4 stats.php, 5 detail.php, 6 resize.php, and 7 show.php. NOTE: the provenance of this...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to 1 admin.php, 2 index.php, 3 sess.php, 4 stats.php, 5 detail.php, 6 resize.php, and 7 show.php. NOTE: the provenance of this...

CVE-2008-6211

The CVE-2008-6211 issue affects PhpForums.net mcGallery 1.1 and involves multiple XSS vulnerabilities. Arbitrary web script or HTML could be injected through the lang parameter to seven pages (admin.php, index.php, sess.php, stats.php, detail.php, resize.php, show.php). The root cause is reflecte...

mcGallery 1.1 - index.php?lang Cross-Site Scripting

mcGallery 1.1 - index.php?lang Cross-Site Scripting source: https://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary...

mcGallery 1.1 - 'show.php?lang' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in t...

mcGallery 1.1 - 'admin.php?lang' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in t...

mcGallery 1.1 - 'index.php?lang' Cross-Site Scripting

source: https://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in t...

CVE-2005-1998

Directory traversal vulnerability in admin.php in McGallery 1.1 allows remote attackers to read arbitrary files via a .. dot dot in the lang parameter...

CVE-2005-1997

The CVE-2005-1997 vulnerability affects McGallery 1.1, specifically the show.php component. The issue arises when a modified host parameter enables remote attackers to connect to arbitrary databases or to trigger error conditions that disclose sensitive information. The underlying fault is the ha...

CVE-2005-1998

CVE-2005-1998 is a directory traversal vulnerability affecting McGallery 1.1, where the lang parameter can be exploited with .. to read arbitrary files from the server. The commonly cited references (NVD, CVE List, CVE.org) confirm the issue and the affected product/version, but the materials do ...