RSS   Vulnerabilities for 'Phpslideshow'   RSS

2007-11-27
 
CVE-2007-6135

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in phpslideshow.php in PHPSlideShow 0.9.9.2, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the directory parameter. NOTE: this issue was originally reported for toonchapter8.php, but this is probably a site-specific name, since the PHPSlideShow distribution does not contain that file.

 


Copyright 2024, cxsecurity.com

 

Back to Top