PT-2005-1806 · Unknown · Photopost Php
Igor Franchuk · Published 2005-03-20 · Updated 2017-07-11 · CVE-2005-0777
CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions
PhotoPost PHP version 5.0 RC3
Description
PhotoPost PHP contains multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web script or HTML. The vulnerabilities are found in the check tags function and the editbio field in the user profile.
Recommendations
For PhotoPost PHP version 5.0 RC3, consider disabling the check tags function and restricting access to the editbio field in the user profile until a patch is available. Avoid using the editbio field in user profiles until the issue is resolved.
Fix
Related Identifiers
Affected Products
Photopost Php