vendor:
35mm Slide Gallery
by:
indoushka
8.8
CVSS
HIGH
Cross-Site Scripting (XSS)
79
CWE
Product Name: 35mm Slide Gallery
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)
2008
XSS Vulnerability in 35mm Slide Gallery
The 35mm Slide Gallery is vulnerable to Cross-Site Scripting (XSS) attacks. An attacker can inject malicious JavaScript code into the 'img' parameter of the 'popup.php' script. This code will be executed in the browser of the victim when they view the page.
Mitigation:
Input validation should be used to prevent XSS attacks.