CVE-2006-0330

Published: Jan 21, 2006Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in Gallery before 1.5.2 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors, possibly involving the user name (fullname).

Affected (16)

Products: Gallery Project: Gallery

Gallery Project

1 product

Configuration A

16 vulnerable

Vulnerable Software	Affected Versions
Gallery Project Gallery	Version 1.3.4
Gallery Project Gallery	Version 1.4.1
Gallery Project Gallery	Version 1.4.2
Gallery Project Gallery	Version 1.4.3_pl1
Gallery Project Gallery	Version 1.4.3_pl2
Gallery Project Gallery	Version 1.4.4_pl2
Gallery Project Gallery	Version 1.4.4_pl3
Gallery Project Gallery	Version 1.4.4_pl4
Gallery Project Gallery	Version 1.4.4_pl5
Gallery Project Gallery	Version 1.4
Gallery Project Gallery	Version 1.4_pl1
Gallery Project Gallery	Version 1.4_pl2
Gallery Project Gallery	Version 1.5.1
Gallery Project Gallery	Version 1.5.1_rc2
Gallery Project Gallery	Version 1.5.2_rc2
Gallery Project Gallery	Version 1.5

References (22)

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325285

Source: cve@mitre.org

http://gallery.menalto.com/page/gallery_1_5_2_release

Source: cve@mitre.org

http://secunia.com/advisories/18557

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/18627

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/21502

Source: cve@mitre.org

http://www.gentoo.org/security/en/glsa/glsa-200601-13.xml

Source: cve@mitre.org

PatchVendor Advisory

http://www.osvdb.org/22660

Source: cve@mitre.org

Patch

http://www.securityfocus.com/bid/16334

Source: cve@mitre.org

Patch

http://www.us.debian.org/security/2006/dsa-1148

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/0282

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/24247

Source: cve@mitre.org

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325285

Source: af854a3a-2127-422b-91ae-364da2661108

http://gallery.menalto.com/page/gallery_1_5_2_release

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/18557

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://secunia.com/advisories/18627

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://secunia.com/advisories/21502

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.gentoo.org/security/en/glsa/glsa-200601-13.xml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.osvdb.org/22660

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.securityfocus.com/bid/16334

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.us.debian.org/security/2006/dsa-1148

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/0282

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/24247

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.