Lucene search
Paul GriffinSimple Php Gallery
2 matches found
CVE-2006-6272
Cross-site scripting (XSS) vulnerability in sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to inject arbitrary web script or HTML via the dir parameter.
6.8CVSS6AI score0.00458EPSS
CVE-2006-6273
sp_index.php in Simple PHP Gallery 1.1 allows remote attackers to obtain sensitive information via an invalid dir parameter, which reveals the path in an error message.
7.5CVSS6.6AI score0.0069EPSS