CVE-2006-6936

Published: Jan 17, 2007Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in Xtreme ASP Photo Gallery allows remote attackers to inject arbitrary HTML or web script via (1) the catname parameter to displaypic.asp or (2) the search field. NOTE: vector 1 likely overlaps CVE-2006-3032.

Affected (1)

Products: Pensacola Web Designs: Xtremeasp Photogallery

Pensacola Web Designs

1 product

Xtremeasp Photogallery

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Pensacola Web Designs Xtremeasp Photogallery	Version 2.0

References (8)

http://securityreason.com/securityalert/2148

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/451786/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/21138

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/30327

Source: cve@mitre.org

http://securityreason.com/securityalert/2148

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/451786/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/21138

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/30327

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.