CVE-2003-1146

Name of the Vulnerable Software and Affected Versions John Beatty Easy PHP Photo Album version 1.0

Description A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the dir parameter in the API endpoint. This could potentially lead to unauthorized actions on the web application.

Recommendations For John Beatty Easy PHP Photo Album version 1.0, consider validating and sanitizing user input for the dir parameter to prevent injection of malicious scripts. As a temporary workaround, restrict access to the dir parameter to minimize the risk of exploitation.