CVE-2003-0614
Gallery 1.1-1.3.4 - Cross-Site Scripting via Search String Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2003-0614. PoCs published by Larry Nguyen.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Gallery's search functionality. The PoC provides a malicious URL that injects arbitrary JavaScript code into the search parameter, which is rendered in the browser of a user who follows the link.
Description
Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in Gallery's search functionality. The PoC provides a malicious URL that injects arbitrary JavaScript code into the search parameter, which is rendered in the browser of a user who follows the link.