14 matches found
EUVD-2006-2080
Malware in sbrugna...
EUVD-2006-2081
Malware in sbrugna...
EUVD-2006-2053
Malware in sbrugna...
Sql injection
SQL injection vulnerability in portfoliophotopopup.php in Verosky Media Instant Photo Gallery 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, which is not cleansed before calling the countclick function in includes/functions/fnsstd.php. NOTE: this issue could...
Cross site scripting
Cross-site scripting XSS vulnerability in portfolio.php in Verosky Media Instant Photo Gallery, possibly before 1.0.2, allows remote attackers to inject arbitrary web script or HTML via the catid parameter...
CVE-2006-2079
Cross-site scripting XSS vulnerability in portfolio.php in Verosky Media Instant Photo Gallery, possibly before 1.0.2, allows remote attackers to inject arbitrary web script or HTML via the catid parameter...
CVE-2006-2080
SQL injection vulnerability in portfoliophotopopup.php in Verosky Media Instant Photo Gallery 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, which is not cleansed before calling the countclick function in includes/functions/fnsstd.php. NOTE: this issue could...
CVE-2006-2079
Cross-site scripting XSS vulnerability in portfolio.php in Verosky Media Instant Photo Gallery, possibly before 1.0.2, allows remote attackers to inject arbitrary web script or HTML via the catid parameter...
CVE-2006-2079
CVE-2006-2079 describes a cross-site scripting (XSS) vulnerability in Verosky Media Instant Photo Gallery, specifically in portfolio.php, potentially affecting versions before 1.0.2. The flaw is exploitable via the cat_id parameter, enabling remote attackers to inject arbitrary web script or HTML...
CVE-2006-2080
CVE-2006-2080 affects Verosky Media Instant Photo Gallery 1.0.2. The vulnerability is an SQL injection in portfolio_photo_popup.php (id parameter) that is not cleansed before calling count_click in includes/functions/fns_std.php, allowing remote attackers to execute arbitrary SQL commands. The no...
CVE-2006-2080
SQL injection vulnerability in portfoliophotopopup.php in Verosky Media Instant Photo Gallery 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, which is not cleansed before calling the countclick function in includes/functions/fnsstd.php. NOTE: this issue could...
CVE-2006-2052
Cross-site scripting XSS vulnerability in Verosky Media Instant Photo Gallery allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action in member.php. NOTE: the original report may be inaccurate, since the "viewpro" string does not appear in the...
Cross site scripting
Cross-site scripting XSS vulnerability in Verosky Media Instant Photo Gallery allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action in member.php. NOTE: the original report may be inaccurate, since the "viewpro" string does not appear in the...
CVE-2006-2052
CVE-2006-2052 : XSS vulnerability in Verosky Media Instant Photo Gallery. The issue is exploitable via the member parameter in a viewpro action in member.php . This aligns with the NVD description and CVSS 2.0 base score of 5.8 (Medium), affecting confidentiality and integrity. A note in the desc...