Goollery < 0.04b Multiple XSS Vulnerabilities - Active Check

Goollery is prone to multiple cross-site-scripting XSS vulnerabilities eg. through the SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2004-2245

Cross-site scripting XSS vulnerability in Goollery 0.03 allows remote attackers to inject arbitrary HTML or web script via the 1 page parameter to viewalbum.php or 2 btopage parameter to viewpic.php...

CVE-2004-2245

Goollery is affected by multiple XSS in viewalbum.php (via the page parameter) and viewpic.php (via the btopage parameter). The CVE entry documents a reflected XSS vulnerability in Goollery 0.03 that allows remote attackers to inject arbitrary HTML/JS in a user’s browser. OpenVAS/Nessus entries c...

CVE-2004-2246

CVE-2004-2246 involves a cross-site scripting (XSS) vulnerability in Goollery prior to 0.04b. The issue is exploitable via the conversation_id parameter to viewpic.php, allowing remote attackers to inject arbitrary HTML or script into a user’s browser session. The available connected sources conf...

CVE-2004-2246

Cross-site scripting XSS vulnerability in Goollery before 0.04b allows remote attackers to inject arbitrary HTML or web script via the conversationid parameter to viewpic.php...

Goollery < 0.04b Multiple Vulnerabilities

According to its self-reported version number, the instance of Goollery running on the remote host is affected by multiple cross-site scripting XSS vulnerabilities in the viewpic.php script. An unauthenticated, remote attacker can exploit these vulnerabilities, via a specially crafted request, to...