Vulnerability Details CVE-2006-5057
Multiple cross-site scripting (XSS) vulnerabilities in Ktools.net PhotoStore allow remote attackers to inject arbitrary web script or HTML via the (1) gid parameter in details.php, or the (2) photogid parameter in view_photog.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.027
EPSS Ranking 85.2%
CVSS Severity
CVSS v2 Score 5.1
References
- http://secunia.com/advisories/22122
- http://securityreason.com/securityalert/1640
- http://www.securityfocus.com/archive/1/446909/100/0/threaded
- http://www.securityfocus.com/bid/20172
- http://www.vupen.com/english/advisories/2006/3781
- http://secunia.com/advisories/22122
- http://securityreason.com/securityalert/1640
- http://www.securityfocus.com/archive/1/446909/100/0/threaded
- http://www.securityfocus.com/bid/20172
- http://www.vupen.com/english/advisories/2006/3781
Products affected by CVE-2006-5057
-
cpe:2.3:a:ktools.net:photostore:*