CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-2052

Cross-site scripting (XSS) vulnerability in Verosky Media Instant Photo Gallery allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action in member.php. NOTE: the original report may be inaccurate, since the "viewpro" string does not appear in the source code for version 1.0.2 of the product.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.5%

CVSS Severity

CVSS v2 Score 5.8

References

http://securityreason.com/securityalert/790
http://www.osvdb.org/24984
http://www.securityfocus.com/archive/1/432022/100/0/threaded
http://www.securityfocus.com/archive/1/432241/100/0/threaded
http://www.securityfocus.com/bid/17696
http://securityreason.com/securityalert/790
http://www.osvdb.org/24984
http://www.securityfocus.com/archive/1/432022/100/0/threaded
http://www.securityfocus.com/archive/1/432241/100/0/threaded
http://www.securityfocus.com/bid/17696

Products affected by CVE-2006-2052

Verosky Media » Instant Photo Gallery » Version: 1.0

cpe:2.3:a:verosky_media:instant_photo_gallery:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-2052

Products

Pricing

Contact Us