Cross-Site Scripting Vulnerability in Fritz Berger PHP Photo Album
CVE-2008-6495

Currently unrated

Key Information:

Vendor

Zirkon Box

Status
Yappa-ng
Vendor
CVE Published:
20 March 2009

What is CVE-2008-6495?

A Cross-Site Scripting (XSS) vulnerability exists in the index.php file of Fritz Berger's yet another php photo album - next generation (yappa-ng) version 2.3.2. This flaw allows remote attackers to inject arbitrary web scripts or HTML code through the album parameter. If exploited, an attacker could execute malicious scripts in the context of the user’s browser, potentially compromising the user's session or redirecting them to malicious sites.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/47078
vdb-entryx_refsource_XF
http://secunia.com/advisories/32325
third-party-advisoryx_refsource_SECUNIA
http://packetstormsecurity.org/0812-exploits/yappang-xss.txt
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.