Vulnerability Details CVE-2006-0112
Cross-site scripting (XSS) vulnerability in index.php in Enhanced Simple PHP Gallery 1.7 allows remote attackers to inject arbitrary web script or HTML via the dir parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.4%
CVSS Severity
CVSS v2 Score 4.3
References
- http://osvdb.org/ref/22/22201-espg.txt
- http://secunia.com/advisories/18310
- http://www.osvdb.org/22201
- http://www.vupen.com/english/advisories/2006/0036
- http://osvdb.org/ref/22/22201-espg.txt
- http://secunia.com/advisories/18310
- http://www.osvdb.org/22201
- http://www.vupen.com/english/advisories/2006/0036
Products affected by CVE-2006-0112
-
cpe:2.3:a:enhanced_simple_php_gallery:enhanced_simple_php_gallery:1.7