Exploitation Summary
EIP tracks 1 public exploit for CVE-2006-6936. PoCs published by Aria-Security Team.
AI-analyzed exploit summary The provided text describes multiple input-validation vulnerabilities in Xtreme ASP Photo Gallery, including XSS and SQL injection, but does not contain actual exploit code. It references a URL parameter vulnerable to XSS.
Description
Cross-site scripting (XSS) vulnerability in Xtreme ASP Photo Gallery allows remote attackers to inject arbitrary HTML or web script via (1) the catname parameter to displaypic.asp or (2) the search field. NOTE: vector 1 likely overlaps CVE-2006-3032.
Exploits (1)
The provided text describes multiple input-validation vulnerabilities in Xtreme ASP Photo Gallery, including XSS and SQL injection, but does not contain actual exploit code. It references a URL parameter vulnerable to XSS.