Cross-site scripting (XSS) vulnerability in index.php for GOOP Gallery 2.0, and possibly other versions before 2.0.3, allows remote attackers to inject arbitrary HTML or web script via the image parameter.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:19
Type | Values Removed | Values Added |
---|---|---|
References | () http://lostmon.blogspot.com/2006/10/goop-gallery-image-param-cross-site.html - Exploit | |
References | () http://securitytracker.com/id?1017081 - Exploit | |
References | () http://webgeneius.com/index.php?mod=blog&id=49 - Patch, URL Repurposed | |
References | () http://www.securityfocus.com/bid/20554 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/29643 - |
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | () http://webgeneius.com/index.php?mod=blog&id=49 - Patch, URL Repurposed |
Information
Published : 2006-10-28 01:07
Updated : 2024-11-21 00:19
NVD link : CVE-2006-5598
Mitre link : CVE-2006-5598
CVE.ORG link : CVE-2006-5598
JSON object : View
Products Affected
webgeneius
- goop_gallery
CWE