CVE-2006-2210

Name of the Vulnerable Software and Affected Versions 321soft PhP-Gallery version 0.9

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved by manipulating the path parameter in index.php. The issue might be related to a directory traversal vulnerability.

Recommendations For 321soft PhP-Gallery version 0.9, consider restricting access to the path parameter in index.php to minimize the risk of exploitation. As a temporary workaround, avoid using the path parameter until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.