CVE-2008-3511

Name of the Vulnerable Software and Affected Versions Softbiz Image Gallery (Photo Gallery) (affected versions not specified)

Description The issue allows remote attackers to inject arbitrary web script or HTML via specific parameters to various PHP files. This can be achieved through the latest parameter to files such as index.php, images.php, suggest image.php, and image desc.php, and the msg parameter to files including index.php, images.php, suggest image.php, as well as several files within the admin directory like adminhome.php, config.php, changepassword.php, cleanup.php, browsecats.php, and images.php.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.