CVE-2006-3476

Published: Jul 10, 2006Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in comments.php in PhpWebGallery 1.5.2 and earlier, and possibly 1.6.0, allows remote attackers to inject arbitrary web script or HTML via the keyword parameter.

Affected (6)

Products: Phpwebgallery: Phpwebgallery

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Phpwebgallery Phpwebgallery	Version 1.0
Phpwebgallery Phpwebgallery	Version 1.1
Phpwebgallery Phpwebgallery	Version 1.4.1
Phpwebgallery Phpwebgallery	Version 1.5.1
Phpwebgallery Phpwebgallery	Version 1.5.2
Phpwebgallery Phpwebgallery	Version 1.6

References (14)

http://secunia.com/advisories/20935

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/1228

Source: cve@mitre.org

http://securitytracker.com/id?1016435

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/439049/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/18798

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2006/2669

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/27526

Source: cve@mitre.org

http://secunia.com/advisories/20935

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securityreason.com/securityalert/1228

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1016435

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/439049/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/18798

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.vupen.com/english/advisories/2006/2669

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/27526

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.