Multiple cross-site scripting (XSS) vulnerabilities in index.php in GaliX 2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) galix_cat_detail, (2) galix_gal_detail, and (3) galix_cat_detail_sort parameters.
References
Link | Resource |
---|---|
http://osvdb.org/36253 | |
http://redlevel.org/wp-content/uploads/2007/05/galix.txt | Exploit |
http://secunia.com/advisories/25324 | Vendor Advisory |
http://www.securityfocus.com/bid/24066 | Exploit |
Configurations
History
No history.
Information
Published : 2007-05-22 19:30
Updated : 2024-02-04 17:13
NVD link : CVE-2007-2806
Mitre link : CVE-2007-2806
CVE.ORG link : CVE-2007-2806
JSON object : View
Products Affected
galix
- galix
CWE