CVE-2006-6936 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2006-6936

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in Xtreme ASP Photo Gallery allows remote attackers to inject arbitrary HTML or web script via (1) the catname parameter to displaypic.asp or (2) the search field. NOTE: vector 1 likely overlaps CVE-2006-3032.

Affected Software

Name	Vendor	Start Version	End Version
Xtremeasp_photogallery	Pensacola_web_designs	2.0 (including)	2.0 (including)

References

http://securityreason.com/securityalert/2148
http://www.securityfocus.com/archive/1/451786/100/0/threaded
http://www.securityfocus.com/bid/21138
https://exchange.xforce.ibmcloud.com/vulnerabilities/30327
http://securityreason.com/securityalert/2148
http://www.securityfocus.com/archive/1/451786/100/0/threaded
http://www.securityfocus.com/bid/21138
https://exchange.xforce.ibmcloud.com/vulnerabilities/30327