CVE-2009-3367
Plohni AN Image Gallery - XSS
Title source: ruleDescription
Multiple cross-site scripting (XSS) vulnerabilities in An image gallery 1.0 allow remote attackers to inject arbitrary web script or HTML via the path parameter to (1) index.php and (2) main.php, and the (3) show parameter to main.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by ThE g0bL!N · textwebappsphp
https://www.exploit-db.com/exploits/9636
Scores
EPSS
0.0017
EPSS Percentile
38.3%
Classification
CWE
CWE-79
Status
published
Affected Products (2)
plohni/an_image_gallery
n/a/n/a
Timeline
Published
Sep 24, 2009
Tracked Since
Feb 18, 2026