MidnightBSD

Advisories for enhanced_simple_php_gallery

CVE-2006-0112 MEDIUM

Cross-site scripting (XSS) vulnerability in index.php in Enhanced Simple PHP Gallery 1.7 allows remote attackers to inject arbitrary web script or HTML via the dir parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
enhanced_simple_php_gallery enhanced_simple_php_gallery 1.7
CVE-2006-0113 MEDIUM

Enhanced Simple PHP Gallery 1.7 allows remote attackers to obtain the full path of the application via a direct request to sp_helper_functions.php, which leaks the pathname in an error message.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
enhanced_simple_php_gallery enhanced_simple_php_gallery 1.7