CVE-2006-3023
published 2006-06-15CVE-2006-3023: Multiple cross-site scripting (XSS) vulnerabilities in thumbnails.asp in Uapplication Uphotogallery 1.1 and earlier allow remote attackers to inject arbitrary…
PriorityP415medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
1.16%
63.1th percentile
Multiple cross-site scripting (XSS) vulnerabilities in thumbnails.asp in Uapplication Uphotogallery 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) s and (2) block parameters.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| uapplication | uphotogallery | <= 1.1 | — |
| uapplication | uphotogallery | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-fm9r-6h86-jc5q: Cross-site scripting (XSS) vulnerability in images_archive
ghsa_unreviewed·2022-05-01·CVSS 4.3
CVE-2007-0815 [MEDIUM] GHSA-fm9r-6h86-jc5q: Cross-site scripting (XSS) vulnerability in images_archive
Cross-site scripting (XSS) vulnerability in images_archive.asp in Uapplication Uphotogallery 1.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the s parameter. NOTE: the thumbnails.asp vector is already covered by CVE-2006-3023.
GHSA
GHSA-78mf-rxgw-mx64: Multiple cross-site scripting (XSS) vulnerabilities in thumbnails
ghsa_unreviewed·2022-05-01
CVE-2006-3023 [MEDIUM] GHSA-78mf-rxgw-mx64: Multiple cross-site scripting (XSS) vulnerabilities in thumbnails
Multiple cross-site scripting (XSS) vulnerabilities in thumbnails.asp in Uapplication Uphotogallery 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) s and (2) block parameters.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://pridels0.blogspot.com/2006/06/uphotogallery-xss-vuln.htmlhttp://secunia.com/advisories/20606http://www.vupen.com/english/advisories/2006/2307https://exchange.xforce.ibmcloud.com/vulnerabilities/27034http://pridels0.blogspot.com/2006/06/uphotogallery-xss-vuln.htmlhttp://secunia.com/advisories/20606http://www.vupen.com/english/advisories/2006/2307https://exchange.xforce.ibmcloud.com/vulnerabilities/27034
2006-06-15
Published