CVE-2004-2245 Information

Description

Cross-site scripting (XSS) vulnerability in Goollery 0.03 allows remote attackers to inject arbitrary HTML or web script via the (1) page parameter to viewalbum.php or (2) btopage parameter to viewpic.php.

Reference

http://securitytracker.com/id?1012062 http://www.osvdb.org/11318 http://www.osvdb.org/11319 http://www.osvdb.org/11320 http://www.osvdb.org/ref/11/11xxx-goollery_multiple.txt http://www.securityfocus.com/bid/11587 https://exchange.xforce.ibmcloud.com/vulnerabilities/17957