MidnightBSD

Advisories for qdig

CVE-2006-3265 LOW

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Qdig before 1.2.9.3, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) pre_gallery or (2) post_gallery parameters.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
qdig qdig 1.2.9
qdig qdig 1.2.5
qdig qdig 1.2.6
qdig qdig 1.2.2
qdig qdig 1.2.1
qdig qdig 1.2.9.2
qdig qdig 1.1.3
qdig qdig 1.2.3
qdig qdig 1.2.9.1
qdig qdig 1.2.7
qdig qdig 1.2.8
qdig qdig 1.2.0
qdig qdig 1.2.4