cbcvebase.
CVE-2006-2052
published 2006-04-26

CVE-2006-2052: Cross-site scripting (XSS) vulnerability in Verosky Media Instant Photo Gallery allows remote attackers to inject arbitrary web script or HTML via the member…

PriorityP420medium5.8CVSS 2.0
AVNACMAuNCPIPAN
EXPLOIT
EPSS
1.82%
76.1th percentile
Cross-site scripting (XSS) vulnerability in Verosky Media Instant Photo Gallery allows remote attackers to inject arbitrary web script or HTML via the member parameter in a viewpro action in member.php. NOTE: the original report may be inaccurate, since the "viewpro" string does not appear in the source code for version 1.0.2 of the product.

Affected

1 ranges
VendorProductVersion rangeFixed in
verosky_mediainstant_photo_gallery
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.