Verosky Media: >> Instant Photo Gallery >> 1.0 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in portfolio.php in Verosky Media Instant Photo Gallery, possibly before 1.0.2, allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter.
CVSS Score
4.3
EPSS Score
0.007
Published
2006-04-27
Cross-site scripting (XSS) vulnerability in Verosky Media Instant Photo Gallery allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action in member.php. NOTE: the original report may be inaccurate, since the "viewpro" string does not appear in the source code for version 1.0.2 of the product.
CVSS Score
5.8
EPSS Score
0.005
Published
2006-04-26