I found a recent exploit. Absolute Image Gallery XE version 2.0 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the gallery.asp script. A remote attacker could exploit this vulnerability using the shownew parameter to execute script in a victim's Web browser.
http://xforce.iss.net/xforce/xfdb/25466
Please contact your code developer to update it.
http://xforce.iss.net/xforce/xfdb/25466
Please contact your code developer to update it.