CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-3021

Multiple cross-site scripting (XSS) vulnerabilities in BlueCollar i-Gallery 4.1 PLUS and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) n and (2) d parameters in (a) login.asp and the d parameter in (b) igallery.asp.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.3%

CVSS Severity

CVSS v2 Score 6.8

References

http://pridels0.blogspot.com/2006/06/i-gallery-xss-vuln.html
http://secunia.com/advisories/20610
http://www.vupen.com/english/advisories/2006/2306
https://exchange.xforce.ibmcloud.com/vulnerabilities/27036
http://pridels0.blogspot.com/2006/06/i-gallery-xss-vuln.html
http://secunia.com/advisories/20610
http://www.vupen.com/english/advisories/2006/2306
https://exchange.xforce.ibmcloud.com/vulnerabilities/27036

Products affected by CVE-2006-3021

Blue-Collar Productions » I-Gallery » Version: Any

cpe:2.3:a:blue-collar_productions:i-gallery:*
Blue-Collar Productions » I-Gallery » Version: 3.3

cpe:2.3:a:blue-collar_productions:i-gallery:3.3
Blue-Collar Productions » I-Gallery » Version: 3.4

cpe:2.3:a:blue-collar_productions:i-gallery:3.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-3021

Products

Pricing

Contact Us