PhotoPost PHP 'showgallery.php' Multiple Cross Site Scripting Vulnerabilities Network Vulnerability

Summary

PhotoPost PHP is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user- supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks. PhotoPost PHP 4.8c is vulnerable other versions may also be affected.

References

http://www.photopost.com
http://www.securityfocus.com/archive/1/516793
https://www.securityfocus.com/bid/46649

Updated on 2015-03-25

Severity

Classification

CVE CVE-2005-0274

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Annuaire PHP 'sites_inscription.php' Cross Site Scripting Vulnerability
Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
@Mail 'admin.php' Cross-Site Scripting Vulnerabilities
Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
Apache Tomcat NIO Connector Denial of Service Vulnerability

Take action and discover your vulnerabilities