CVE-2005-0928

Published: May 2, 2005Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in PhotoPost PHP Pro 5.x allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) password, (3) ppuser, (4) sort, or (5) si parameters to showgallery.php, the (6) ppuser, (7) sort, or (8) si parameters to showmembers.php, or (9) the photo parameter to slideshow.php.

Affected (1)

Products: Photopost: Photopost Php Pro

1 product

Photopost Php Pro

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Photopost Photopost Php Pro	Version 5.02

References (12)

http://marc.info/?l=bugtraq&m=111205342909640&w=2

Source: cve@mitre.org

http://secunia.com/advisories/14742

Source: cve@mitre.org

Vendor Advisory

http://securitytracker.com/id?1013581

Source: cve@mitre.org

Exploit

http://www.osvdb.org/15096

Source: cve@mitre.org

http://www.osvdb.org/15097

Source: cve@mitre.org

http://www.osvdb.org/15098

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=111205342909640&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/14742

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securitytracker.com/id?1013581

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.osvdb.org/15096

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/15097

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/15098

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.