Unrated severityNVD Advisory· Published Aug 22, 2015· Updated Jun 17, 2026
CVE-2015-2982
CVE-2015-2982
Description
Cross-site scripting (XSS) vulnerability in jquery.lightbox-0.5.min.js in PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone 1.0.1 Free and earlier allows remote authenticated users to inject arbitrary web script or HTML via unspecified input to admin.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:php_kobo:photo_gallery_cms_free:1.0.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:php_kobo:photo_gallery_cms_free:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:php_kobo:photo_gallery_cms_free:1.0.1:*:*:*:*:*:*:*
- (no CPE)range: <=1.0.1 Free
Patches
Vulnerability mechanics
References
3- jvn.jp/en/jp/JVN69175956/index.htmlnvdVendor Advisory
- jvndb.jvn.jp/jvndb/JVNDB-2015-000113nvdVendor Advisory
- www.php-factory.net/trivia/16.phpnvdVendor Advisory
News mentions
0No linked articles in our index yet.