Multiple cross-site scripting (XSS) vulnerabilities in upload.cgi in G5-Scripts Auto-Img-Gallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) user and (2) pass parameters.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/58139http://www.xenuser.org/documents/security/auto-img-gallery_xss.txthttp://www.securityfocus.com/bid/39714http://secunia.com/advisories/39599
