CVE-2006-2294
Dynamic Galerie 1.0 - Cross-Site Scripting via pfad Parameter
Title source: llmExploitation Summary
EIP tracks 2 public exploits for CVE-2006-2294. PoCs published by d4igoro.
AI-analyzed exploit summary The provided text describes a directory traversal and XSS vulnerability in Dynamic Galerie, but does not include actual exploit code. It outlines the impact and attack vectors without technical implementation details.
Description
Cross-site scripting (XSS) vulnerability in Dynamic Galerie 1.0 allows remote attackers to inject arbitrary web script or HTML via the pfad parameter in (1) index.php and (2) galerie.php. NOTE: this issue might be resultant from directory traversal.
Exploits (2)
The provided text describes a directory traversal and XSS vulnerability in Dynamic Galerie, but does not include actual exploit code. It outlines the impact and attack vectors without technical implementation details.
The provided text describes a directory traversal and XSS vulnerability in Dynamic Galerie, but does not include actual exploit code. It references a SecurityFocus BID and outlines potential attack vectors without technical implementation details.