Produkt QDIG (...) - CVEMAP.ORG

Podatności dla 'QDIG'

2007-02-12

CVE-2007-0876

CWE-Other

Cross-site scripting (XSS) vulnerability in Quick Digital Image Gallery (Qdig) 1.2.9.3 and devel-20060624 allows remote attackers to inject arbitrary web script or HTML via the Qwd parameter to the top-level URI.

2006-06-27

CVE-2006-3265

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Qdig before 1.2.9.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) pre_gallery or (2) post_gallery parameters.

Copyright 2024, cxsecurity.com