Vulnerabilities for Absolute image gallery xe (...) - CXSECURITY.COM

Vulnerabilities for 'Absolute image gallery xe'

2008-06-18

CVE-2008-2766

CWE-79

Cross-site scripting (XSS) vulnerability in Xigla Absolute Image Gallery XE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in (1) admin/search.asp and (2) gallery.asp.

CVE-2008-2765

CWE-89

SQL injection vulnerability in gallery.asp in Xigla Absolute Image Gallery XE allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action.

2007-03-16

CVE-2007-1469

CWE-89

SQL injection vulnerability in gallery.asp in Absolute Image Gallery 2.0 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter in a viewimage action.

2006-03-28

CVE-2006-1411

Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the shownew parameter in gallery.asp and (2) unspecified search module parameters.

2005-12-16

CVE-2005-4295

Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE 2.x allows remote attackers to inject arbitrary web script or HTML via the text parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

>>> Vendor: Xigla 16 Products

Absolute image gallery xe

Absolute live support xe

Absolute faq manager .net

Absolute poll manager xe

Absolute news manager.net

Absolute banner manager.net

Absolute control panel xe

Absolute news manager xe

Absolute form processor xe

Absolute banner manager

Absolute news feed

Absolute podcast.net

Absolute newsletter

Absolute content rotator

Absolute form processor.net

Absolute live support .net

Copyright 2024, cxsecurity.com