CVE-2004-2245 - Trollopian Titlover

Description

Cross-site scripting (XSS) vulnerability in Goollery 0.03 allows remote attackers to inject arbitrary HTML or web script via the (1) page parameter to viewalbum.php or (2) btopage parameter to viewpic.php.

Reference

http://www.osvdb.org/ref/11/11xxx-goollery_multiple.txt http://www.securityfocus.com/bid/11587 http://www.osvdb.org/11318 http://www.osvdb.org/11319 http://www.osvdb.org/11320 http://securitytracker.com/id?1012062 https://exchange.xforce.ibmcloud.com/vulnerabilities/17957