Vulnerability Details CVE-2006-6936
Cross-site scripting (XSS) vulnerability in Xtreme ASP Photo Gallery allows remote attackers to inject arbitrary HTML or web script via (1) the catname parameter to displaypic.asp or (2) the search field. NOTE: vector 1 likely overlaps CVE-2006-3032.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.5%
CVSS Severity
CVSS v2 Score 6.8
References
- http://securityreason.com/securityalert/2148
- http://www.securityfocus.com/archive/1/451786/100/0/threaded
- http://www.securityfocus.com/bid/21138
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30327
- http://securityreason.com/securityalert/2148
- http://www.securityfocus.com/archive/1/451786/100/0/threaded
- http://www.securityfocus.com/bid/21138
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30327
Products affected by CVE-2006-6936
-
cpe:2.3:a:pensacola_web_designs:xtremeasp_photogallery:2.0